Remote host closed connection during handshake-蒲公英云

Remote host closed connection during handshake

悠悠 2022-12-10 05:55 297阅读 0赞

https通过TSLv1和TSLv1.2协议通信。

jdk1.7默认是TSLv1, 可以支持TSLv1.1,TSLv1.2,

jdk1.8默认是TSLv1.2

假如服务器端设置是TSLv1.2，而客服端是TSLv1, 访问就会出现Remote host closed connection during handshake的错误.

**解决办法：**强制通过TLSv1.2或TLSv1通信，前提服务端也采用相应协议。

SSLContext ctx = SSLContext.getInstance(“TLSv1.2”);

或者 SSLContext ctx = SSLContext.getInstance(“TLSv1”);

public class SSLClient extends DefaultHttpClient { 
        public SSLClient() throws Exception { 
            super();
            SSLContext ctx = SSLContext.getInstance("TLSv1.2");
            X509TrustManager tm = new X509TrustManager() { 
                @Override
                public void checkClientTrusted(X509Certi<a target=_blank target="_blank" href="http://superuser.com/questions/747377/enable-tls-1-1-and-1-2-for-clients-on-java-7">http://superuser.com/questions/747377/enable-tls-1-1-and-1-2-for-clients-on-java-7</a>ficate[] chain, String authType) throws CertificateException { 
                }
                @Override
                public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { 
                }
                @Override
                public X509Certificate[] getAcceptedIssuers() { 
                    return null;
                }
            };
            ctx.init(null, new TrustManager[] {  tm }, null);
            org.apache.http.conn.ssl.SSLSocketFactory ssf = new org.apache.http.conn.ssl.SSLSocketFactory(ctx,
                    org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
            ClientConnectionManager ccm = this.getConnectionManager();
            SchemeRegistry sr = ccm.getSchemeRegistry();
            sr.register(new Scheme("https", 443, ssf));
        }
    }

查看当前jvm支持的通信协议：

public static void main(String[] args) throws Exception {   
    SSLContext context = SSLContext.getInstance("TLS");  
    context.init(null, null, null);  
    SSLSocketFactory factory = (SSLSocketFactory) context.getSocketFactory();  
    SSLSocket socket = (SSLSocket) factory.createSocket();  
    String[] protocols = socket.getSupportedProtocols();  
    System.out.println("Supported Protocols: " + protocols.length);  
    for (int i = 0; i < protocols.length; i++) {   
        System.out.println(" " + protocols[i]);  
    }  
    protocols = socket.getEnabledProtocols();  
    System.out.println("Enabled Protocols: " + protocols.length);  
    for (int i = 0; i < protocols.length; i++) {   
        System.out.println(" " + protocols[i]);  
    }  
}