[英]Force protocol in Client using httpClient 4.3.6 on Java 6
For some testing reason I need to force SSLv3 to be used by Client. 由于某些测试原因,我需要强制客户端使用SSLv3。 SSLv3 is an accepted protocol in server.
SSLv3是服务器中可接受的协议。 Tried to force by using SSLContextBuilder.useProtocol("SSLv3") as below:
尝试通过使用SSLContextBuilder.useProtocol(“ SSLv3”)强制如下:
SSLContextBuilder initiated as below: SSLContextBuilder的启动如下:
SSLContextBuilder builder = SSLContexts.custom();
SSLContext sslContext = builder.useProtocol("SSLv3").build();
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, new X509HostnameVerifier() {
@Override
public void verify(String host, SSLSocket ssl) throws IOException {
}
....
....);
return sslsf;
}
But the result in log shows handshaking always do in TLSv1: 但是日志中的结果显示握手始终在TLSv1中执行:
....
....
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
%% No cached client session
*** ClientHello, TLSv1
RandomCookie:
GMT: 1503650935
bytes = {
255,
....
....
My understanding, client should request for the protocol that is defined whether server accept or not. 我的理解是,客户端应请求服务器是否接受定义的协议。 In this case, I expect to see client should request to use SSLv3 not TLSv1.
在这种情况下,我希望看到客户端应请求使用SSLv3,而不是TLSv1。
That will force HC 4.3 to use SSLv3 only 这将迫使HC 4.3仅使用SSLv3
SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(
SSLContext.getDefault(), new String[] {"SSLv3"}, null, SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER);
CloseableHttpClient httpClient = HttpClients.custom()
.setSSLSocketFactory(sslSocketFactory)
.build();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.