由于替换测试服务器地址-报错 okhttp version 3.11.0
javax.net.ssl.SSLHandshakeException: Read error: ssl=0x74cae66bc8: Failure in SSL library, usually a protocol error
error:1000042e:SSL routines:OPENSSL_internal:TLSV1_ALERT_PROTOCOL_VERSION (external/boringssl/src/ssl/tls_record.cc:594 0x74cf01cc08:0x00000001)
// 创建信任所有证书的 TrustManager 未解决此问题
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
};
// 创建自定义的 SSLSocketFactory
SSLContext sslContext = null;
try {
sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustAllCerts, new SecureRandom());
SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
client = new OkHttpClient.Builder()
.sslSocketFactory(sslSocketFactory, (X509TrustManager)
trustAllCerts[0])
.hostnameVerifier((hostname, session) -> true)
} catch (NoSuchAlgorithmException | KeyManagementException e) {
e.printStackTrace();
}
// 通过将 TlsVersion.TLS_1_3 添加到 tlsVersions 中、解决此问题
ConnectionSpec.Builder connectionSpecBuilder = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
.tlsVersions(TlsVersion.TLS_1_0,TlsVersion.TLS_1_1,TlsVersion.TLS_1_2,TlsVersion.TLS_1_3);
client = new OkHttpClient.Builder()
.connectionSpecs(Collections.singletonList(connectionSpecBuilder.build()))
//okhttp 启用明文传输
ConnectionSpec.Builder connectionSpecBuilder = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
.tlsVersions(TlsVersion.TLS_1_0, TlsVersion.TLS_1_1, TlsVersion.TLS_1_2, TlsVersion.TLS_1_3);
ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.CLEARTEXT)
.build();//启用明文传输
OkHttpClient.Builder clientBuilder = new OkHttpClient.Builder()
.connectionSpecs(Arrays.asList(spec, connectionSpecBuilder.build()))
.sslSocketFactory(sslSocketFactory, (X509TrustManager) trustAllCerts[0])
.hostnameVerifier((hostname, session) -> true)
.addInterceptor(new HeaderInterceptor()) // 公共header处理
.connectTimeout(30, TimeUnit.SECONDS)
.writeTimeout(5 * 60, TimeUnit.SECONDS)
.readTimeout(5 * 60, TimeUnit.SECONDS)
.retryOnConnectionFailure(true);
网友评论