Java 为 HttpsURLConnection 使用 SSLContext
[英]Java use SSLContext for HttpsURLConnection
问题描述
Looking for an example to open HttpsURLConnection with SSLContext and restricted to TLSv1.2.
寻找使用 SSLContext 打开 HttpsURLConnection 并限制为 TLSv1.2 的示例。 The context is built using trust store and trust key and after I added the custom() call - the TLS setting seem to be changed to just "TLS" vs. "TLSv1.2"上下文是使用信任存储和信任密钥构建的,在我添加了 custom() 调用之后 - TLS 设置似乎更改为“TLS”与“TLSv1.2”
my code is:我的代码是:
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext = SSLContexts.custom()
.loadTrustMaterial(getKeyStore(trustStoreURL, trustStorePassword), new TrustSelfSignedStrategy())
.loadKeyMaterial(getKeyStore(keyStoreUrl, keyStorePassword), keyStorePassword.toCharArray()).build();
So after the custom() I see "TLS" in sslContext properties.因此,在 custom() 之后,我在 sslContext 属性中看到了“TLS”。
1 个解决方案
解决方案1
0 2022-07-18 13:24:28
Why do you want to use only a single version, is there any restriction on your server host?为什么你只想使用一个版本,对你的服务器主机有什么限制吗? Most modern servers use TLSv1.2 which is backward compatible to one or two versions.大多数现代服务器使用向后兼容一两个版本的 TLSv1.2。 When you use TLSv1.2 while creating socket factory like below,当您在创建如下套接字工厂时使用 TLSv1.2 时,
SSLSocketFactory.getInstance("TLSv1.2")
the default allowed protocols would be SSL, TLS, TLSv1.1, TLSv1.2.默认允许的协议为 SSL、TLS、TLSv1.1、TLSv1.2。
With that being said, to answer your question, You can set your SSLSocket to enable just a few protocols using the setEnabledProtocols method.话虽如此,要回答您的问题,您可以使用 setEnabledProtocols 方法将 SSLSocket 设置为仅启用几个协议。 Please check this doc for more on this.请查看此文档以获取更多信息。 Once done, your SSL connection will allow only the specified protocol.完成后,您的 SSL 连接将仅允许指定的协议。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.