How to enable SSL 3 in Java

Since Java 8 Update 31 the SSL 3 protocol is disabled by default due to security flaws in the SSL Protocol (see POODLE attack).

Even if not recommended, how can it be enabled?

Unless you have no choice other than using SSL 3, the link below explains the configuration.

The release notes for the update 31 provide information for enabling the SSL 3 again in Java.

As stated:

If SSLv3 is absolutely required, the protocol can be reactivated by removing "SSLv3" from the jdk.tls.disabledAlgorithms property in the java.security file or by dynamically setting this Security property to "true" before JSSE is initialized.

Keep in mind that even the TLS protocol can be exploited to allow an insecure access with SSL 3, that's also part of the POODLE flaw. Enabling this for Java or any other technology should be a last resort only for critical reasons.

If you must re-enable SSLv3.0 on either 8u31, 7u75, 6u91 all you have to do is comment out the following line in JRE_HOME/lib/security/java.security:

 jdk.tls.disabledAlgorithms=SSLv3

Code:

import javax.net.ssl.*;

public class SocketProtocols {

  public static void main(String[] args) throws Exception {

    SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
    SSLSocket soc = (SSLSocket) factory.createSocket();

    // Returns the names of the protocol versions which are
    // currently enabled for use on this connection.
    String[] protocols = soc.getEnabledProtocols();

    System.out.println("Enabled protocols:");
    for (String s : protocols) {
      System.out.println(s);
    }

  }
} 

Output:

Before enabling SSL 3.0

$ /jdk1.8.0_31/bin/java SocketProtocols
Enabled protocols:
TLSv1
TLSv1.1
TLSv1.2

After enabling SSL 3.0

$ /jdk1.8.0_31/bin/java SocketProtocols
Enabled protocols:
SSLv3
TLSv1
TLSv1.1
TLSv1.2

credits/source: http://javablogx.blogspot.de/2015/02/enabling-ssl-v30-in-java-8.html

You can set the jdk.tls.disabledAlgorithms security property at runtime like so.

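// Requires: import java.security.Security;
static {
    // Must run before JSSE is initialized. An empty value clears every entry, not only SSLv3.
    Security.setProperty("jdk.tls.disabledAlgorithms", "");
}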

I found both of these edits were required in order to connect to a DRAC 5 card:

Remove MD5:

jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024

Remove SSLv3, RC4, and MD5withRSA:

jdk.tls.disabledAlgorithms=DH keySize < 768
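The edits in the answers above apply to every connection the JVM makes, so it helps to be able to detect them. The following is an added example, not code from any of the answers: it reads the two security properties discussed on this page and reports which of the entries the answers remove (SSLv3, RC4, MD5withRSA, MD5) are no longer disabled. The class name, the EXPECTED list and the literal, case-insensitive comparison of entry names are assumptions made for this example.

```java
import java.security.Security;
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;

public class DisabledAlgorithmsAudit {

    // Assumption: the entries the answers on this page remove are the ones we expect to find.
    static final Map<String, List<String>> EXPECTED = new LinkedHashMap<>();
    static {
        EXPECTED.put("jdk.tls.disabledAlgorithms", Arrays.asList("SSLv3", "RC4", "MD5withRSA"));
        EXPECTED.put("jdk.certpath.disabledAlgorithms", Arrays.asList("MD5"));
    }

    // Returns the expected entries that are missing from a property value.
    static Set<String> missing(String value, List<String> expected) {
        Set<String> present = new TreeSet<>(String.CASE_INSENSITIVE_ORDER);
        if (value != null) {
            for (String entry : value.split(",")) {
                // "DH keySize < 768" -> entry name "DH"
                String name = entry.trim().split("\\s+")[0];
                if (!name.isEmpty()) present.add(name);
            }
        }
        Set<String> gaps = new TreeSet<>(String.CASE_INSENSITIVE_ORDER);
        for (String e : expected) if (!present.contains(e)) gaps.add(e);
        return gaps;
    }

    public static void main(String[] args) {
        boolean weakened = false;
        for (Map.Entry<String, List<String>> e : EXPECTED.entrySet()) {
            // Reflects java.security as well as any Security.setProperty() call made earlier.
            String value = Security.getProperty(e.getKey());
            Set<String> gaps = missing(value, e.getValue());
            System.out.println(e.getKey() + "=" + value);
            if (!gaps.isEmpty()) {
                weakened = true;
                System.out.println("  WARNING: no longer disabled: " + gaps);
            }
        }
        System.exit(weakened ? 1 : 0); // non-zero exit lets a build or startup check fail
    }
}
```

Run it with the same JRE the application uses; with the property value `DH keySize < 768` shown above it reports SSLv3, RC4 and MD5withRSA as no longer disabled.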
