TLS1.2 支持 Java 6
[英]TLS1.2 support with Java 6
问题描述
We have a legacy application running on an embedded platform where we are using Java 6 as JVM.
我们有一个在嵌入式平台上运行的遗留应用程序,我们使用 Java 6 作为 JVM。 We have https access from the application which needs TLS1.2 support.我们有来自需要 TLS1.2 支持的应用程序的 https 访问权限。 The JVM we are using does not provide this.我们使用的 JVM 不提供此功能。 How to achieve TLS1.2 support to the application?如何实现对应用程序的 TLS1.2 支持?
1 个解决方案
解决方案1
1 已采纳 2020-11-26 07:59:30
We could achieve TLS1.2 support by using Bouncy Castle library.我们可以通过使用Bouncy Castle库来实现 TLS1.2 支持。
Here is the detailed solution这是详细的解决方案
- Add appropriate BC libraries to your project将适当的 BC 库添加到您的项目中
Maven Dependency Maven 依赖关系
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15to18</artifactId>
<version>1.64</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bctls-jdk15to18</artifactId>
<version>1.64</version>
</dependency>
Add security provider as BC
将安全提供程序添加为 BCif (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) { Security.insertProviderAt(new BouncyCastleProvider(), 1); } // add provider only if it's not in the JVM if (Security.getProvider(BouncyCastleJsseProvider.PROVIDER_NAME) == null) { Security.insertProviderAt(new BouncyCastleJsseProvider(), 2); }
Alternatively you can update JRE/lib/security/java.security或者,您可以更新 JRE/lib/security/java.security
security.provider.1=org.bouncycastle.jce.provider.BouncyCastleProvider
security.provider.2=org.bouncycastle.jsse.provider.BouncyCastleJsseProvider
security.provider.3=sun.security.provider.Sun
security.provider.4=sun.security.rsa.SunRsaSign
security.provider.5=com.sun.net.ssl.internal.ssl.Provider
security.provider.6=com.sun.crypto.provider.SunJCE
security.provider.7=sun.security.jgss.SunProvider
security.provider.8=com.sun.security.sasl.Provider
The BC libraries needs to be on top (1&2) BC 库需要位于顶部 (1&2)
Initialize SSL context with TLS1.2
使用 TLS1.2 初始化 SSL 上下文SSLContext tls = SSLContext.getInstance("TLSv1.2"); tls.init(null, null, null); SSLContext.setDefault(tls);
Testing测试
HttpsURLConnection urlConnection = null;
try {
URL url = new URL("https://www.nist.gov/");
urlConnection = (HttpsURLConnection) url.openConnection();
String data = IOUtils.toString(urlConnection.getInputStream(), "UTF-8");
System.out.println(data);
} catch (IOException ex) {
ex.printStackTrace();
try {
if (urlConnection != null) {
code = ((HttpURLConnection) urlConnection).getResponseCode();
message = ((HttpURLConnection) urlConnection).getResponseMessage();
} else {
message = ex.toString();
}
} catch (IOException ex2) {
message = ex2.toString();
}
System.out.println("Response : " + message);
} finally {
if (urlConnection != null) {
urlConnection.disconnect();
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.