美文网首页
2024-05-20 - 解决javax.net.ssl.SSL

2024-05-20 - 解决javax.net.ssl.SSL

作者: 逆光_初见 | 来源:发表于2024-05-19 23:39 被阅读0次

    由于替换测试服务器地址-报错 okhttp version 3.11.0

    javax.net.ssl.SSLHandshakeException: Read error: ssl=0x74cae66bc8: Failure in SSL library, usually a protocol error
    error:1000042e:SSL routines:OPENSSL_internal:TLSV1_ALERT_PROTOCOL_VERSION (external/boringssl/src/ssl/tls_record.cc:594 0x74cf01cc08:0x00000001)
    

    // 创建信任所有证书的 TrustManager 未解决此问题

           TrustManager[] trustAllCerts = new TrustManager[]{
                   new X509TrustManager() {
                       @Override
                       public void checkClientTrusted(X509Certificate[] chain, String authType) {
                       }
    
                       @Override
                       public void checkServerTrusted(X509Certificate[] chain, String authType) {
                       }
    
                       @Override
                       public X509Certificate[] getAcceptedIssuers() {
                           return new X509Certificate[0];
                       }
                   }
           };
    
    // 创建自定义的 SSLSocketFactory
           SSLContext sslContext = null;
           try {
               sslContext = SSLContext.getInstance("TLS");
               sslContext.init(null, trustAllCerts, new SecureRandom());
               SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
               client = new OkHttpClient.Builder()   
                           .sslSocketFactory(sslSocketFactory, (X509TrustManager)             
                           trustAllCerts[0])
                           .hostnameVerifier((hostname, session) -> true)
    
               } catch (NoSuchAlgorithmException | KeyManagementException e) {
               e.printStackTrace();
           }
    

    // 通过将 TlsVersion.TLS_1_3 添加到 tlsVersions 中、解决此问题

     ConnectionSpec.Builder connectionSpecBuilder = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
                            .tlsVersions(TlsVersion.TLS_1_0,TlsVersion.TLS_1_1,TlsVersion.TLS_1_2,TlsVersion.TLS_1_3);
    
      client = new OkHttpClient.Builder()
                            .connectionSpecs(Collections.singletonList(connectionSpecBuilder.build()))
    

    //okhttp 启用明文传输

    ConnectionSpec.Builder connectionSpecBuilder = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
        .tlsVersions(TlsVersion.TLS_1_0, TlsVersion.TLS_1_1, TlsVersion.TLS_1_2, TlsVersion.TLS_1_3);
    
     ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.CLEARTEXT)
        .build();//启用明文传输
    
    OkHttpClient.Builder clientBuilder = new OkHttpClient.Builder()
        .connectionSpecs(Arrays.asList(spec, connectionSpecBuilder.build()))
        .sslSocketFactory(sslSocketFactory, (X509TrustManager) trustAllCerts[0])
        .hostnameVerifier((hostname, session) -> true)
        .addInterceptor(new HeaderInterceptor()) // 公共header处理
        .connectTimeout(30, TimeUnit.SECONDS)
        .writeTimeout(5 * 60, TimeUnit.SECONDS)
        .readTimeout(5 * 60, TimeUnit.SECONDS)
        .retryOnConnectionFailure(true);
    

    相关文章

      网友评论

          本文标题:2024-05-20 - 解决javax.net.ssl.SSL

          本文链接:https://www.haomeiwen.com/subject/ahlnfjtx.html