终极解决方案:java.security.cert.CertificateException: Certificates does not conform to algorithm constraints
报错信息
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates does not conform to algorithm constraints
原因:
JDK7/8后添加了安全机制,导致这个问题出现
解决方案:
方案一:
把$JAVA_HOME/jre/lib/security/java.security 文件里的jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048,改成jdk.certpath.disabledAlgorithms=,去掉 "MD2, DSA, RSA keySize < 2048"
方案二:方案一没有用再用方案二
把$JAVA_HOME/jre/lib/security/java.security 文件里
jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768
改为
jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024 jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 768