本文介绍了如何在 apache HttpClient 上设置 TLS 版本的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
如何更改 HttpClient 支持的 TLS 版本?
How can I change the supported TLS versions on my HttpClient?
我在做:
SSLContext sslContext = SSLContext.getInstance("TLSv1.1");
sslContext.init(
keymanagers.toArray(new KeyManager[keymanagers.size()]),
null,
null);
SSLSocketFactory socketFactory = new SSLSocketFactory(sslContext, new String[]{"TLSv1.1"}, null, null);
Scheme scheme = new Scheme("https", 443, socketFactory);
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(scheme);
BasicClientConnectionManager cm = new BasicClientConnectionManager(schemeRegistry);
httpClient = new DefaultHttpClient(cm);
但是当我检查创建的套接字时,它仍然说支持的协议是 TLSv1.0、TLSv1.1 和 TLSv1.2.
But when I check the created socket, it still says the supported protocols are TLSv1.0, TLSv1.1 and TLSv1.2.
实际上,我只是希望它停止使用 TLSv1.2,对于这个特定的 HttpClient.
In reality I just want it to stop using TLSv1.2, for this specific HttpClient.
推荐答案
解决方案是:
SSLContext sslContext = SSLContexts.custom()
.useTLS()
.build();
SSLConnectionSocketFactory f = new SSLConnectionSocketFactory(
sslContext,
new String[]{"TLSv1", "TLSv1.1"},
null,
BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
httpClient = HttpClients.custom()
.setSSLSocketFactory(f)
.build();
这需要 org.apache.httpcomponents.httpclient 4.3.x.
This requires org.apache.httpcomponents.httpclient 4.3.x though.
这篇关于如何在 apache HttpClient 上设置 TLS 版本的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!