Java 为 HTTPS 连接设置 https.protocols 系统属性的问题
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/34283829/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Issues with setting https.protocols System Property for HTTPS connections
提问by namalfernandolk
I have a Java Implementation which used by various client applications to connects to to the third party systems. These third party systems supports different protocols over http/https. In this case, all client applications are hosted in the same server where my Java Implementation hosted. So,in this case, various client applications set various https protocols to the System properties (eg: System.setProperty("https.protocols", "SSLv3"), System.setProperty("https.protocols", "TLS")when they are using this to connect to those third party systems.
我有一个 Java 实现,各种客户端应用程序使用它来连接到第三方系统。这些第三方系统通过 http/https 支持不同的协议。在这种情况下,所有客户端应用程序都托管在我的 Java 实现托管的同一服务器中。所以,在这种情况下,各种客户端应用程序设置不同的HTTPS协议的系统属性(如:System.setProperty("https.protocols", "SSLv3"),System.setProperty("https.protocols", "TLS")他们利用这种当连接到这些第三方系统。
Here, the System properties are shared among all the applications in that environment. So, modifying a System property leads to many problems. So, I want to know,
在这里,系统属性在该环境中的所有应用程序之间共享。因此,修改系统属性会导致许多问题。所以,我想知道,
- Is there any way to get this done without using System properties?
- Is there any way to set all the possible https.protocols so that it supports any http or https connection made to the third party systems supports various protocols?
- 有没有办法在不使用系统属性的情况下完成这项工作?
- 有什么方法可以设置所有可能的 https.protocols 以便它支持与第三方系统进行的任何 http 或 https 连接支持各种协议?
Protocols and algorithms supported in each JDK version as mentioned in blogs.oracle.com:
blogs.oracle.com 中提到的每个 JDK 版本支持的协议和算法:
Code :
代码 :
String responseStr = null;
System.setProperty("https.protocols",http-protocol); // This is set by the client applications. Previously, there was one by one (eg : "SSLv3". Then I changed it to "TLSv1.2,TLSv1.1,TLSv1,SSLv3" assuming it will enable all)
byteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
byteArrayOutputStream.write(requestStr.getBytes());
URL mUrl = new URL(proxy_url);
HttpURLConnection con = (HttpURLConnection) mUrl.openConnection(); // It works fine for the HttpURLConnection when there's no (s)
con.setRequestMethod("POST");
con.setDoOutput(true);
con.setUseCaches(false);
con.setDoInput(true);
con.setRequestProperty("user-agent","Mozilla(MSIE)");
con.setRequestProperty("Accept-Encoding","gzip,deflate");
byteArrayOutputStream.writeTo(con.getOutputStream());
String encodingHeader = con.getHeaderField("Content-Encoding");
InputStream inputStream = null;
if(encodingHeader != null && encodingHeader.toLowerCase().indexOf("gzip") != -1){
inputStream = new GZIPInputStream(con.getInputStream());
}else {
inputStream = con.getInputStream();
}
if (inputStream != null) {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
byte[] buffer = new byte[4096];
int length = 0;
while ((length = inputStream.read(buffer)) != -1) {
baos.write(buffer, 0, length);
}
responseStr = new String(baos.toByteArray());
baos.close();
}
My Java version : 1.5
我的 Java 版本:1.5
回答by user207421
I suggest you don't set it at all. Just let the system negotiate with the peer. It will negotiate the strongest shared protocol.
我建议你根本不要设置它。只需要让系统与同行协商即可。它将协商最强的共享协议。
