TSL协议升级导致的问题:caught when processing request: Received fatal alert: protocol_version
近日,公司升级TSL协议,禁用TSL1.0,导致原本好好的https接口,报以下错误:
2019-03-05 15:43:29 [org.apache.commons.httpclient.HttpMethodDirector]-[INFO] - I/O exception (javax.net.ssl.SSLException) caught when processing request: Received fatal alert: protocol_version
解决方案:
把原来TSLv1.0协议升级成1.1 or1.2即可。
SSLContext sslContext = SSLContexts.custom().useTLS().build();
SSLConnectionSocketFactory f = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1.2" }, null,
null);
CloseableHttpClient client = HttpClients.custom().setSSLSocketFactory(f).build();
直接贴修改前后的代码:
原始使用的HttpClient版本叫老,默认1.0,且没有重新设置TSL协议版本的地方;为了升级,使用CloseableHttpClient ,且引入SSLContext 。
修改前:
public static String postJosnOld(String url,String jsonString) throws Exception{
HttpClient client = new HttpClient();
PostMethod myPost = new PostMethod(url);
//设置请求超时时间 15秒
client.getHttpConnectionManager().getParams().setConnectionTimeout(15000);
String responseString = null;
//设置请求头部类型
myPost.setRequestHeader("Content-Type","application/json;charset=utf-8");
myPost.setRequestHeader("charset","utf-8");
myPost.setRequestEntity(new StringRequestEntity(jsonString,"text/json","utf-8"));
int statusCode = client.executeMethod(myPost);
if(statusCode == HttpStatus.SC_OK){
BufferedInputStream bis = new BufferedInputStream(myPost.getResponseBodyAsStream());
byte[] bytes = new byte[1024];
ByteArrayOutputStream bos = new ByteArrayOutputStream();
int count = 0;
while((count = bis.read(bytes))!= -1){
bos.write(bytes, 0, count);
}
byte[] strByte = bos.toByteArray();
responseString = new String(strByte,0,strByte.length,"utf-8");
bos.close();
bis.close();
}
myPost.releaseConnection();
return responseString;
}
修改后:
public static String postJosn(String url, String jsonString) throws Exception {
SSLContext sslContext = SSLContexts.custom().useTLS().build();
SSLConnectionSocketFactory f = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1.2" }, null,
null);
CloseableHttpClient client = HttpClients.custom().setSSLSocketFactory(f).build();
HttpPost myPost = new HttpPost(url);
myPost.setHeader(HTTP.CONTENT_TYPE, "application/json;charset=utf-8");
myPost.setHeader("charset", "utf-8");
StringEntity s = new StringEntity(jsonString, "utf-8");
s.setContentEncoding("UTF-8");
s.setContentType("application/json;charset=utf-8");
myPost.addHeader("Content-Type", "application/json;charset=utf-8");
myPost.setEntity(s);
HttpResponse res = client.execute(myPost);
HttpEntity entity = res.getEntity();
myPost.releaseConnection();
return EntityUtils.toString(entity, "utf-8");
}