SSL:javax.net.ssl.SSLException: Received fatal alert: protocol_version

调用一个https的接口报错javax.net.ssl.SSLException: Received fatal alert: protocol_version

在Java 1.8上,默认TLS协议是v1.2。在Java 1.6和1.7上,默认是已废弃的TLS1.0,由于此项目使用的是jdk1.6,因此引发错误。

解决方法1:

在发起请求前面设置TLSv1.2协议

System.setProperty("https.protocols", "TLSv1.2");

解决方法2:

在发起请求前忽略ssl认证:

工具类:

import java.security.cert.CertificateException;

import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;

import javax.net.ssl.HttpsURLConnection;

import javax.net.ssl.SSLContext;

import javax.net.ssl.SSLSession;

import javax.net.ssl.TrustManager;

import javax.net.ssl.X509TrustManager;

public class SslUtils {

private static void trustAllHttpsCertificates() throws Exception {

TrustManager[] trustAllCerts = new TrustManager[1];

TrustManager tm = new miTM();

trustAllCerts[0] = tm;

SSLContext sc = SSLContext.getInstance("SSL");

sc.init(null, trustAllCerts, null);

HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

}

static class miTM implements TrustManager,X509TrustManager {

public X509Certificate[] getAcceptedIssuers() {

return null;

}

public boolean isServerTrusted(X509Certificate[] certs) {

return true;

}

public boolean isClientTrusted(X509Certificate[] certs) {

return true;

}

public void checkServerTrusted(X509Certificate[] certs, String authType)

throws CertificateException {

return;

}

public void checkClientTrusted(X509Certificate[] certs, String authType)

throws CertificateException {

return;

}

}

/**

* 忽略HTTPS请求的SSL证书,必须在openConnection之前调用

* @throws Exception

*/

public static void ignoreSsl() throws Exception{

HostnameVerifier hv = new HostnameVerifier() {

public boolean verify(String urlHostName, SSLSession session) {

return true;

}

};

trustAllHttpsCertificates();

HttpsURLConnection.setDefaultHostnameVerifier(hv);

}

}

使用方法:

public String doHttpGetUTF8(String postUrl,String token) {

OutputStreamWriter out = null;

BufferedReader in = null;

String result = "";

try {

URL realUrl = new URL(postUrl);

if("https".equalsIgnoreCase(realUrl.getProtocol())){

SslUtils.ignoreSsl();

}

//打开 url之间的连接

HttpURLConnection conn = (HttpURLConnection)realUrl.openConnection();

//设置通用的请求属性

conn.setRequestMethod("GET");

conn.setUseCaches(false);

conn.setRequestProperty("Accept-Charset", "utf-8");

conn.setRequestProperty("contentType", "utf-8");

conn.setRequestProperty("Content-Type", "application/x‑www‑form‑urlencoded");

conn.setRequestProperty("Authorization", "Bearer "+token);

conn.setConnectTimeout(5000);

conn.setReadTimeout(5000);

long start = System.currentTimeMillis();

//获取 URLConnection对象输出对应的输出流

// 定义BufferedReader输入流来读取URL的响应

in = new BufferedReader(new InputStreamReader(conn.getInputStream(),"utf-8"));

long end = System.currentTimeMillis();

String line;

while (null != (line = in.readLine())) {

result += "\n" + line;

}

//建立

} catch (Exception e) {

System.out.println("发送GET请求出现异常!" + e);

e.printStackTrace();

}

// 使用finally块来关闭输出流、输入流

finally {

try {

if (out != null) {

out.close();

}

if (in != null) {

in.close();

}

} catch (IOException ex) {

ex.printStackTrace();

}

}

return result;

}

建立连接之前调用该方法即可

解决方法3:

在项目中同时配置jdk1.6和jdk1.8

我用的方法3,方法1和方法2没有起作用

相关推荐
Chan161 小时前
消息推送的三种常见方式:轮询、SSE、WebSocket
java·网络·websocket·网络协议·http·sse
Darenm1116 小时前
计算机⽹络及TCP⽹络应⽤程序开发
网络·网络协议·tcp/ip
兰雪簪轩13 小时前
分布式通信平台测试报告
开发语言·网络·c++·网络协议·测试报告
只因在人海中多看了你一眼16 小时前
B.50.10.09-RPC核心原理与电商应用
qt·网络协议·rpc
小鸟啄米18 小时前
Elixir通过Onvif协议控制IP摄像机,扩展ExOnvif的摄像头停止移动 Stop 功能
网络协议·elixir·onvif
小鸟啄米20 小时前
Elixir通过Onvif协议控制IP摄像机,扩展ExOnvif的摄像头连续移动功能 ContinuousMove
网络协议·elixir·onvif
一只游鱼20 小时前
利用keytool实现https协议(生成自签名证书)
网络协议·http·https·keytool
学会煎墙21 小时前
3分钟快速入门WebSocket
网络·websocket·网络协议
码熔burning1 天前
RPC 和 HTTP 的区别
网络协议·http·rpc