如何在 Java 中使用 TLSV1 或 SSLV3 进行第一次握手(Client Hello)?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/6383207/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
how to use TLSV1 or SSLV3 for first handshake(Client Hello) in Java?
提问by Steve
When I execute the following code, why is the first handshake SSLv2, not TLSv1 or SSLv3?
当我执行以下代码时,为什么第一次握手是SSLv2,而不是TLSv1或SSLv3?
How to use TLSV1 or SSLV3 for first handshake in Java?
如何在 Java 中使用 TLSV1 或 SSLV3 进行第一次握手?
String host = "www.google.com";
String url = "/adsense/?sourceid=aso&subid=ZH_CN-ET-AS-ADSBY6&medium=link&hl=zh_CN";
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(new KeyManager[0], new TrustManager[] {new DefaultTrustManager()}, new SecureRandom());
SSLContext.setDefault(ctx);
SSLSocketFactory factory = ctx.getSocketFactory();
Socket socket = factory.createSocket(host, 443);
BufferedWriter out = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream()));
BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream()));
out.write("GET " + url + " HTTP/1.0");
out.flush();
out.close();
in.close();
回答by Steve
Use SSLSocket:
使用SSLSocket:
SSLSocket socket = factory.createSocket(host, 443);
String[] newProtocols = {"TLSv1"};
socket.setEnabledProtocols(newProtocols);
回答by shampoo
For TLSv1: Starting the client jvm with
对于 TLSv1:使用以下命令启动客户端 jvm
-Dhttps.protocols="TLSv1"
or using
或使用
System.setProperty("https.protocols", "TLSv1");
solved the problem for me.
为我解决了这个问题。
回答by Rajarajan Pudupatti Sundari Je
Which version of java are you using? Also how do you say it uses SSLv2? By default, java 1.6 will use TLSv1. There is a catch here, if you enable debug ssl, you might see SSLv2Hello format being used but if you close look the 'protocol vesion' inside the record layer will be TLSv1 (1.e version information wrapper under SSLv2 format). TCP level packet capture analysis using wireshark should confirm this. If you want to initiate in TLSv1 format only set https.protocols=TLSv1 (this might affect all the outgoing ssl calls) OR set on that specific socket like above. Do note that even if you five comma separated list (like https.protocols=SSLv3,TLSv1) it will start with TLSv1.
你用的是哪个版本的java?另外你怎么说它使用SSLv2?默认情况下,java 1.6 将使用 TLSv1。这里有一个问题,如果您启用 debug ssl,您可能会看到正在使用 SSLv2Hello 格式,但如果您仔细观察,记录层内的“协议版本”将是 TLSv1(SSLv2 格式下的 1.e 版本信息包装器)。使用wireshark 的TCP 级别数据包捕获分析应确认这一点。如果您想以 TLSv1 格式启动,只需设置 https.protocols=TLSv1(这可能会影响所有传出的 ssl 调用)或设置在上述特定套接字上。请注意,即使您使用五个逗号分隔的列表(如 https.protocols=SSLv3,TLSv1),它也会以 TLSv1 开头。
