那些遇到过的问题

如何使用Apache HttpClient启用SSLv3?

dea*_*mon 5 java ssl https apache-httpcomponents apache-httpclient-4.x

从版本4.3.6开始,Apache HttpClient中禁用了SSLv3 ,但我使用的是版本4.5.该开发者写道:

那些希望继续使用SSLv3的用户需要明确启用对它的支持.

我试图在JVM级别设置支持的协议,但它不起作用.示例是在Scala中,但这与问题无关:

System.setProperty("https.protocols", "SSLv2Hello,SSLv3,TLSv1,TLSv1.1,TLSv1.2")
Run Code Online (Sandbox Code Playgroud)

我的第二次尝试是这样的:

val instance: CloseableHttpClient = {
  val trustStrategy = new TrustStrategy {
    override def isTrusted(x509Certificates: Array[X509Certificate], s: String) = true
  }
  val sslContext = new SSLContextBuilder().loadTrustMaterial(null, trustStrategy).build()
  val sslSocketFactory = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE)
  val socketFactoryRegistry =
    RegistryBuilder.create[ConnectionSocketFactory]()
        .register("http", PlainConnectionSocketFactory.getSocketFactory)
        .register("https", sslSocketFactory)
        .build()
  val connectionManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry)
  HttpClients.custom()
      .disableRedirectHandling()
      .setSSLContext(sslContext)
      .setConnectionManager(connectionManager)
      .build()
}
Run Code Online (Sandbox Code Playgroud)

但它也没有用.

如何使用Apache HttpClient 4.5连接支持SSLv2Hello,SSLv3,TLSv1,TLSv1.1,TLSv1.2的主机?

ok2*_*k2c 5

默认情况下,HttpClient不会考虑系统属性.一个或者需要指示HttpClient构建器这样做

CloseableHttpClient client = HttpClients.createSystem();
Run Code Online (Sandbox Code Playgroud)

或使用自定义协议设置手动配置连接套接字工厂

SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
        SSLContext.getDefault(),
        new String[] { "SSLv2Hello","SSLv3","TLSv1","TLSv1.1","TLSv1.2"},
        null,
        SSLConnectionSocketFactory.getDefaultHostnameVerifier());
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
        .register("http", PlainConnectionSocketFactory.getSocketFactory())
        .register("https", socketFactory)
        .build();

PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
CloseableHttpClient client = HttpClients.custom().setConnectionManager(cm).build();
Run Code Online (Sandbox Code Playgroud)

编辑

此代码段与评论中提到的网站一样正常 

SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
        SSLContext.getDefault(),
        new String[] {"TLSv1"},
        null,
        SSLConnectionSocketFactory.getDefaultHostnameVerifier());
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
        .register("http", PlainConnectionSocketFactory.getSocketFactory())
        .register("https", socketFactory)
        .build();

PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
CloseableHttpClient client = HttpClients.custom().setConnectionManager(cm).build();
try (CloseableHttpResponse response = client.execute(new HttpGet("https://www.ethz.ch/de.html"))) {
    System.out.println(response.getStatusLine());
    System.out.println(EntityUtils.toString(response.getEntity()));
}
Run Code Online (Sandbox Code Playgroud)

归档时间:

查看次数:

5618 次

最近记录:

7 年,10 月 前
相关归档
Android 7的Java 7语言功能 189
为什么Java枚举文字不能具有泛型类型参数? 139
如何从Android手机获取TimeZone? 127
了java.lang.RuntimeException:com.android.builder.dexing.DexArchiveMergerException:无法在Android Studio中3.0合并DEX 64
尝试生成pfx文件时无法加载证书 19
在MonoTouch上使用HTTPS的HttpListener 9
Groovy SSL签名验证:签名长度不正确? 7
为什么PoolingHttpClientConnectionManager提供越来越慢的连接? 6
C++套接字连接中的OpenSSL(HTTPS客户端) 2
SSL和ASP .NET MVC 1
难疑归档
何时在Java中使用LinkedList而不是ArrayList? 2974
"最小的惊讶"和可变的默认论证 2458
轻松获取最新的git子模块 1748
在JavaScript中解析JSON? 1642
C#中两个问号共同意味着什么? 1540
如何迭代Bash中变量定义的一系列数字? 1409
如何将字节数组转换为十六进制字符串,反之亦然? 1313
最优雅的方法来检查Python中的字符串是否为空? 1282
如何从主机获取Docker容器的IP地址? 1221
哪个MySQL数据类型用于存储布尔值 1168