2

从 IBM JDK 6.0SR9 更新到 6.0SR10 后,我不断得到(在服务器端):

java.io.IOException: javax.net.ssl.SSLHandshakeException: Client requested protocol SSLv3 not enabled or not supported
                at com.ibm.jsse2.kb.z(kb.java:107)
                at com.ibm.jsse2.SSLEngineImpl.b(SSLEngineImpl.java:4)
                at com.ibm.jsse2.SSLEngineImpl.c(SSLEngineImpl.java:224)
                at com.ibm.jsse2.SSLEngineImpl.wrap(SSLEngineImpl.java:377)
                at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:6)

没有修改任何安全设置。知道如何(重新)启用 SSLv3 吗?

谢谢。

4

3 回答 3

1

在以后的版本中,出于安全原因,默认情况下禁用 SSLv3。

以下技术说明应详细说明如何启用此功能。

http://www-01.ibm.com/support/docview.wss?uid=swg21318567

于 2012-05-10T05:24:49.737 回答
1

当客户端和服务器 SSL 协议设置不匹配时会发生异常。

以下客户端示例代码适用于配置支持 TLSv1.2 协议的服务器端:

String response = "";

URL url = new URL("https://localhost:9043/myservlet);

final SSLContext ctx = SSLContext.getInstance("TLSv1.2");
ctx.init(null, null, null);
// final String protoccol = ctx.getProtocol();

HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory());

final HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();

conn.setReadTimeout(15000);
conn.setConnectTimeout(15000);
conn.setRequestMethod("POST");
conn.setDoInput(true);
conn.setDoOutput(true);

final OutputStream os = conn.getOutputStream();
final BufferedWriter writer =
  new BufferedWriter(new OutputStreamWriter(os, "UTF-8"));

writer.write(......);

writer.flush();
writer.close();
os.close();

final int responseCode = conn.getResponseCode();

if (responseCode == HttpsURLConnection.HTTP_OK) {
  String line;
  final BufferedReader br =
    new BufferedReader(new InputStreamReader(conn.getInputStream()));
  while ((line = br.readLine()) != null) {
    response += line;
  }
}

System.out.println("response: " + response);
于 2016-05-25T23:38:49.837 回答
0

SSLEngine.setEnabledProtocols(),但 SSLv3 当然应该默认启用。我会仔细检查你的断言,它没有被禁用。

于 2012-04-05T12:56:11.563 回答