问题:
使用CloseableHttpClient得记录版本SSLv2Hello不受支持
缑泓
我正在尝试进行https调用,但收到以下错误:不支持的记录版本SSLv2Hello
谁能说说我做错了什么吗?谢谢你的帮助。
下面是StackTrace:
debug:
Unsupported record version SSLv2Hello
javax.net.ssl.SSLException: Unsupported record version SSLv2Hello
at sun.security.ssl.InputRecord.readV3Record(Unknown Source)
at sun.security.ssl.InputRecord.read(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:275)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:254)
at org.apache.http.impl.conn.HttpClientConnectionOperator.connect(HttpClientConnectionOperator.java:123)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:318)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:363)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:219)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:195)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:86)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:108)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at httpcomponents.httpsTest.main(httpsTest.java:135)
null
下面是工作示例:
import com.sun.net.ssl.internal.ssl.Provider;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.List;
import java.util.Timer;
import java.util.TimerTask;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.Header;
import org.apache.http.HttpHeaders;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpHead;
import org.apache.http.conn.socket.LayeredConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.apache.http.entity.ContentType;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.protocol.BasicHttpContext;
import org.apache.http.protocol.HttpContext;
String audioURL = "https://mydata.com/webreports/audio.jsp?callID=338786512&authentication=98695279578B04166629C0";
RequestConfig requestConfig = null;
requestConfig = RequestConfig
.custom()
.setConnectTimeout(5000)
.setConnectionRequestTimeout(5000)
.setSocketTimeout(5000)
.build();
PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = null;
poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager();
poolingHttpClientConnectionManager.setMaxTotal(5);
CloseableHttpClient closeableHttpClient = null;
HttpHead httpHead = new HttpHead(audioURL);
try {
Provider sslProvider = new Provider();
if (Security.getProvider(sslProvider.getName()) == null) {
Security.addProvider(sslProvider);
}
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) throws CertificateException {
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) throws CertificateException {
}
}
};
SSLContext sslContext = SSLContexts
.custom()
.useSSL()
.build();
sslContext.init(null, trustAllCerts, new SecureRandom());
LayeredConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext);
X509HostnameVerifier x509HostnameVerifier = new X509HostnameVerifier() {
@Override
public void verify(String host, SSLSocket ssl) throws IOException {
//do nothing
}
@Override
public void verify(String host, X509Certificate cert) throws SSLException {
//do nothing //do nothing
}
@Override
public void verify(String host, String[] cns, String[] subjectAlts) throws SSLException {
//do nothing
}
@Override
public boolean verify(String string, SSLSession ssls) {
return true;
}
};
closeableHttpClient = HttpClientBuilder
.create()
.setDefaultRequestConfig(requestConfig)
.setConnectionManager(poolingHttpClientConnectionManager)
.setSslcontext(sslContext)
.setHostnameVerifier(x509HostnameVerifier)
.setSSLSocketFactory(sslConnectionSocketFactory)
.build();
} catch (NoSuchAlgorithmException noSuchAlgorithmException) {
System.out.println(noSuchAlgorithmException.getMessage());
} catch (KeyManagementException keyManagementException) {
System.out.println(keyManagementException.getMessage());
}
HttpContext httpContext = new BasicHttpContext();
CloseableHttpResponse closeableHttpResponse = null;
try {
if (closeableHttpClient != null) {
closeableHttpResponse = closeableHttpClient.execute(httpHead, httpContext);
if (closeableHttpResponse != null) {
int statusCode = closeableHttpResponse.getStatusLine().getStatusCode();
System.out.println(String.valueOf(statusCode));
}
}
} catch (IOException iOException) {
System.out.println(iOException.getMessage());
} finally {
if (closeableHttpResponse != null) {
try {
closeableHttpResponse.close();
} catch (IOException iOException) {
System.out.println(iOException.getMessage());
}
}
if (closeableHttpClient != null) {
try {
closeableHttpClient.close();
} catch (IOException iOException) {
System.out.println(iOException.getMessage());
}
}
}
null
共有1个答案
魏景龙
问题似乎是JDK8客户机无法使用默认提供程序连接到SSL2服务器(SSLv2很长一段时间不推荐使用)。您必须强制服务器使用SSL3(或另一个更安全的协议),或者您必须使用另一个提供程序(BouncyCastle?)。目前,我们在SOAP webservice JDK8客户机和JDK6服务器上遇到了类似的问题。
http://en.wikipedia.org/wiki/transport_layer_security#SSL_2.0
http://tools.ietf.org/html/rfc6176
类似资料:
-
问题内容: 我试图拨打https并收到以下错误:记录版本不受支持SSLv2Hello 谁能告诉我我在做什么错?谢谢你的帮助。 这是StackTrace: 这是工作示例: 问题答案: 弄清楚了。我在鞋带上绊倒的两个地方是: 需要在PoolingHttpClientConnectionManager中注册https 将TLSv1设置为SSLConnectionSocketFactory中唯一受支持的协
-
我发布了这个问题,我可以通过删除WebLogic startups参数来解决这个问题: 有人能解释一下吗?
-
下面的代码有时失败,有时工作。我使用的是Java8。是服务器端的问题吗? 线程“main”javax.net.ssl.sslException中的异常:不支持的记录版本未知-0.0。
-
我正在尝试将play-scalr与Play一起使用,并遵循了Github页面上的安装说明,但是当我请求调整大小的映像时,我得到了错误: [RuntimeException:java.lang.UnsupportedClassVersionError:SE/DigiPlant/Scalr/API/Resizer$MODE:不支持Major.Minor版本51.0] 当我编译项目时,JAR是下载的,所
-
我刚刚安装了3.0使用在我的笔记本电脑上,这是运行14.04: 然而,当我使用时,终端似乎认为它使用的是1.2版。1: 更糟糕的是,当我去打开一个JSON nbform版本4的笔记本,它支持IPython3.0,我得到以下错误: 我试图使用团队推荐的命令将笔记本降级到版本3,但对我来说也失败了: 这到底是怎么回事?
-
我在JDK1.8/jre/lib/ext中使用UCanAccess jar文件进行ms access db连接... 我已经包含了所有必需的jar文件,但仍然遇到这个异常 NET.UCANAccess.JDBC.UCANAccessSQLException:UCAEXC:::4.x.x不支持的较新版本:32 和它的未加载驱动程序类。怎么了?