我正在尝试使用 SSL 证书调用 API。从 -Djavax.net.debug = all log 我通过以下步骤。
- 收到“Server Hello Done”
- 客户端密钥交换:RSA PreMasterSecret、TLSv1
- 收到客户端密钥交换的完成状态
更改密码规范:失败
RECV TLSv1 ALERT: fatal, handshake_failure %% Invalidated: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
我正在使用带有 JCE 无限强度策略文件的 JDK1.7。谢谢你的帮助。
编辑:在服务器 Hello Done 和客户端密钥交换之间
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
*** Certificate chain
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
设置 SSL 套接字工厂的代码:
System.setProperty('javax.net.ssl.keyStore', 'jksfile')
System.setProperty('javax.net.ssl.keyStorePassword', '')
System.setProperty("https.protocols", "TLSv1");
System.setProperty('javax.net.ssl.trustStore', 'C:/Program Files/Java/jdk1.7.0_79/jre/lib/security/cacerts')
System.setProperty('javax.net.ssl.trustStorePassword', '')
SSLContext sslcontext = SSLContext.getInstance("TLSv1");
sslcontext.init(null, null, null);
HostnameVerifier allHostsValid = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
if (conn instanceof HttpsURLConnection){
conn.setSSLSocketFactory(sslcontext.getSocketFactory());
}