SSL:javax.net.ssl.SSLException: Received fatal alert: protocol_version

调用一个https的接口报错javax.net.ssl.SSLException: Received fatal alert: protocol_version

在Java 1.8上,默认TLS协议是v1.2。在Java 1.6和1.7上,默认是已废弃的TLS1.0,由于此项目使用的是jdk1.6,因此引发错误。

解决方法1:

在发起请求前面设置TLSv1.2协议

System.setProperty("https.protocols", "TLSv1.2");

解决方法2:

在发起请求前忽略ssl认证:

工具类:

import java.security.cert.CertificateException;

import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;

import javax.net.ssl.HttpsURLConnection;

import javax.net.ssl.SSLContext;

import javax.net.ssl.SSLSession;

import javax.net.ssl.TrustManager;

import javax.net.ssl.X509TrustManager;

public class SslUtils {

private static void trustAllHttpsCertificates() throws Exception {

TrustManager[] trustAllCerts = new TrustManager[1];

TrustManager tm = new miTM();

trustAllCerts[0] = tm;

SSLContext sc = SSLContext.getInstance("SSL");

sc.init(null, trustAllCerts, null);

HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

}

static class miTM implements TrustManager,X509TrustManager {

public X509Certificate[] getAcceptedIssuers() {

return null;

}

public boolean isServerTrusted(X509Certificate[] certs) {

return true;

}

public boolean isClientTrusted(X509Certificate[] certs) {

return true;

}

public void checkServerTrusted(X509Certificate[] certs, String authType)

throws CertificateException {

return;

}

public void checkClientTrusted(X509Certificate[] certs, String authType)

throws CertificateException {

return;

}

}

/**

* 忽略HTTPS请求的SSL证书,必须在openConnection之前调用

* @throws Exception

*/

public static void ignoreSsl() throws Exception{

HostnameVerifier hv = new HostnameVerifier() {

public boolean verify(String urlHostName, SSLSession session) {

return true;

}

};

trustAllHttpsCertificates();

HttpsURLConnection.setDefaultHostnameVerifier(hv);

}

}

使用方法:

public String doHttpGetUTF8(String postUrl,String token) {

OutputStreamWriter out = null;

BufferedReader in = null;

String result = "";

try {

URL realUrl = new URL(postUrl);

if("https".equalsIgnoreCase(realUrl.getProtocol())){

SslUtils.ignoreSsl();

}

//打开 url之间的连接

HttpURLConnection conn = (HttpURLConnection)realUrl.openConnection();

//设置通用的请求属性

conn.setRequestMethod("GET");

conn.setUseCaches(false);

conn.setRequestProperty("Accept-Charset", "utf-8");

conn.setRequestProperty("contentType", "utf-8");

conn.setRequestProperty("Content-Type", "application/x‑www‑form‑urlencoded");

conn.setRequestProperty("Authorization", "Bearer "+token);

conn.setConnectTimeout(5000);

conn.setReadTimeout(5000);

long start = System.currentTimeMillis();

//获取 URLConnection对象输出对应的输出流

// 定义BufferedReader输入流来读取URL的响应

in = new BufferedReader(new InputStreamReader(conn.getInputStream(),"utf-8"));

long end = System.currentTimeMillis();

String line;

while (null != (line = in.readLine())) {

result += "\n" + line;

}

//建立

} catch (Exception e) {

System.out.println("发送GET请求出现异常!" + e);

e.printStackTrace();

}

// 使用finally块来关闭输出流、输入流

finally {

try {

if (out != null) {

out.close();

}

if (in != null) {

in.close();

}

} catch (IOException ex) {

ex.printStackTrace();

}

}

return result;

}

建立连接之前调用该方法即可

解决方法3:

在项目中同时配置jdk1.6和jdk1.8

我用的方法3,方法1和方法2没有起作用

相关推荐
2501_9159214322 分钟前
iOS IPA 混淆实测分析:从逆向视角验证加固效果与防护流程
websocket·网络协议·tcp/ip·http·网络安全·https·udp
2501_9159184122 分钟前
打造可观测的 iOS CICD 流程:调试、追踪与质量保障全记录
websocket·网络协议·tcp/ip·http·网络安全·https·udp
2501_915909064 小时前
调试 WebView 旧资源缓存问题:一次从偶发到复现的实战经历
websocket·网络协议·tcp/ip·http·网络安全·https·udp
向明天乄5 小时前
在小程序中实现实时聊天:WebSocket最佳实践
websocket·网络协议·小程序
cliffordl5 小时前
MCP 传输机制(Streamable HTTP)
网络·网络协议·http
wanhengidc6 小时前
UDP服务器主要是指什么意思?
服务器·网络协议·udp
漫谈网络6 小时前
WebSocket扫盲
网络·websocket·网络协议
不做菜鸟的网工6 小时前
PPPoe拨号上网配置实验
网络协议
2501_915921437 小时前
请求未达服务端?iOS端HTTPS链路异常的多工具抓包排查记录
websocket·网络协议·tcp/ip·http·网络安全·https·udp
于顾而言7 小时前
【开源品鉴】FRP源码阅读
后端·网络协议·开源