You have not specified the version of Java because below Java 8 there is no way to disallow or disable specific SSL protocol but in Java 8 you can set the enabled protocols like following

您尚未指定 Java 版本，因为在 Java 8 以下无法禁止或禁用特定的 SSL 协议，但在 Java 8 中您可以设置启用的协议，如下所示

Statically:

静态：

% java -Djdk.tls.client.protocols="TLSv1,TLSv1.1,TLSv1.2" MyApp

Dynamically:

动态：

java.lang.System.setProperty("jdk.tls.client.protocols", "TLSv1,TLSv1.1,TLSv1.2");

If you are still using java 7 or below try to use work around explained Instructions to disable SSL v3.0 in Oracle JDK and JRE

如果您仍在使用 java 7 或更低版本，请尝试使用解决说明的说明在 Oracle JDK 和 JRE 中禁用 SSL v3.0

I just implemented following piece of code to disallow SSLv3 and SSLv2Hello on one of our Java6 application.

我刚刚实现了以下一段代码，以在我们的 Java6 应用程序之一上禁止 SSLv3 和 SSLv2Hello。

if(disabledSSLProtocols != null) {

    String[] protocols = sslEngine.getEnabledProtocols();
    List<String> protocolList = new ArrayList<String>();

    for (String s : protocols) {

        if (disabledSSLProtocols.contains(s)) {

            log4j.info("{} protocol is disabled", s);
            continue;
        }

        log4j.info("{} protocol is enabled", s);
        protocolList.add(s);
    }

    sslEngine.setEnabledProtocols(protocolList.toArray(new String[0]));
}

Where disabledSSLProtocolsinitialized with SSLv3,SSLv2Hello

在哪里disabledSSLProtocols初始化 SSLv3,SSLv2Hello

Take a look at http://www.oracle.com/technetwork/java/javase/overview/tlsreadme-141115.html

看看http://www.oracle.com/technetwork/java/javase/overview/tlsreadme-141115.html

Relevant part:

相关部分：

Renegotiations can be re-enabled for those applications that need it by setting the new system property sun.security.ssl.allowUnsafeRenegotiation to true before the JSSE library is initialized. There are several ways to set this property: Command Line: % java -Dsun.security.ssl.allowUnsafeRenegotiation=true Main Java Control Panel (Java Plug-in / Java Web Start) - Runtime Environment. Within the application: java.lang.System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", true); Note that TLS/SSL renegotiation will not occur unless both client and server have enabled renegotiations.

通过在 JSSE 库初始化之前将新的系统属性 sun.security.ssl.allowUnsafeRenegotiation 设置为 true，可以为那些需要它的应用程序重新启用重新协商。有多种方法可以设置此属性： 命令行：% java -Dsun.security.ssl.allowUnsafeRenegotiation=true 主 Java 控制面板（Java 插件/Java Web Start）- 运行时环境。在应用程序中： java.lang.System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", true); 请注意，除非客户端和服务器都启用了重新协商，否则不会发生 TLS/SSL 重新协商。

It explains the issue and the fix.

它解释了问题和修复。

For https-connections using the java.net-package you could try using the environment-variable _JAVA_OPTIONSto set the system-property https.protocols:

对于使用 java.net-package 的 https 连接，您可以尝试使用环境变量_JAVA_OPTIONS来设置 system-property https.protocols：

_JAVA_OPTIONS=-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2

should enable only the mentioned protocols. Note that before Java 7 the maximum supported version was TLSv1.

应该只启用提到的协议。请注意，在 Java 7 之前，支持的最大版本是 TLSv1。

This solution will not affect any other SSL-connections or http-connections using e.g. the apache-http-connector.

该解决方案不会影响使用例如 apache-http-connector 的任何其他 SSL 连接或 http 连接。

You can patch Oracle Java now. http://www.oracle.com/technetwork/java/javase/documentation/cve-2014-3566-2342133.html

您现在可以修补 Oracle Java。 http://www.oracle.com/technetwork/java/javase/documentation/cve-2014-3566-2342133.html