[英]Liberty Exception SSLv3
任何人向我解釋如何在自由 20.0.0.12 上解決此問題
[ERROR ] CWWKO0801E: Unable to initialize SSL connection. Unauthorized access was denied or security settings have expired. Exception is javax.net.ssl.SSLHandshakeException: Client requested protocol SSLv3 is not enabled or supported in server context
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:255)
at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.negotiateProtocol(ClientHello.java:880)
at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:832)
at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:810)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:450)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1078)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1065)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1012)
at com.ibm.ws.channel.ssl.internal.SSLUtils.handleHandshake(SSLUtils.java:751)
at [internal classes]
.
我在互聯網上搜索但找不到解決此問題的解決方案!
問題 1)這個例外是針對 Liberty 引擎還是我的 JaxRS 客戶端請求?
@Singleton
@TransactionManagement(TransactionManagementType.BEAN)
public class BinanceService {
@Inject
private Logger logger;
@EJB
private StatisticDAO statisticDAO;
private Client client;
private WebTarget target;
@PostConstruct
public void init() {
try {
SSLContext sc = SSLContext.getDefault();
SSLParameters sslParameters = sc.getSupportedSSLParameters();
sslParameters.setProtocols(new String[]{"SSLv1.2", "SSLv3"});
TrustManager[] trustAllCerts = {new InsecureTrustManager()};
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HostnameVerifier allHostsValid = new InsecureHostnameVerifier();
client = ClientBuilder.newBuilder().sslContext(sc).hostnameVerifier(allHostsValid).build();
target = client.target("https://api.binance.com");
} catch (Exception e) {
e.printStackTrace();
}
}
public List<String> exchangeInfo() {
List<String> list = new ArrayList<>();
try {
Response response = target.path("/api/v3/exchangeInfo")
.request(MediaType.APPLICATION_JSON_TYPE)
.get();
JsonObject jsonObject = response.readEntity(JsonObject.class);
JsonArray symbolsArray = jsonObject.get("symbols").asJsonArray();
for (JsonValue symbolJson : symbolsArray) {
String symbol = symbolJson.asJsonObject().getString("symbol");
String baseAsset = symbolJson.asJsonObject().getString("baseAsset");
if (baseAsset.endsWith("DOWN") || baseAsset.endsWith("UP")) {
continue;
}
String finaSymbolName = baseAsset + "/" + symbol.substring(baseAsset.length());
list.add(finaSymbolName);
}
} catch (Exception e) {
logger.finer("Failed to fetch binance symbols");
}
return list;
}
public void fetchAndSaveAllSymbols() {
List<String> list = exchangeInfo();
logger.info(String.format("fetch and save %d symbols", list.size()));
statisticDAO.bulkInsert(list);
}
}
注意:我手動生成了 PKCS12:
keytool -genkeypair -alias "cs-key" -keystore "cs.jks" -dname "CN=test.local" -keyalg RSA -storepass "mah123456" -validity 365
keytool -importkeystore -srckeystore cs.jks -srcstorepass "mah123456" -destkeystore key.p12 -deststorepass "mah123456" -deststoretype PKCS12
問題2:如何解決這個問題?
您的服務器 Java SDK 可能/巧妙地通過 Z93F725A07423FE1C889F448B33D21.F 中的 jdk.tls.disabledAlgorithms 阻止過時的 SSLv3。 現代化您的 SSL 客戶端或在 java.security 中的服務器中允許不安全的 SSLv3。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.