Java 7 oracle不支持TLSv1.2

Question

Java 7 oracle不支持TLSv1.2。 我一直在试图运行我的代码，我曾尝试以下的事情：

System.setProperty("deployment.security.TLSv1.1", "false") 
    System.setProperty("deployment.security.TLSv1", "false") 
    System.setProperty("deployment.security.TLSv1.2", "true") 
    System.setProperty("https.protocols", "TLSv1.2") 
    System.setProperty("https.cipherSuites", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,AES_256_GCM,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384") 

，并没有帮助。

如何强制我的Java7应用程序使用Tlsv1.2。我可以使用java8运行我的程序，默认情况下使用TLS1.2，一切正常。

如何在oracle中从Java7中执行此操作。

我也尝试过去/usr/lib/jvm/java-7-oracle/jre/lib/security和禁用jdk.tls.disabledAlgorithms=SSLv2Hello, SSLv3, TLSv1但它仍然无法正常工作。

我什么东错了？

顺便说一句，我得到sslhandshakeexception-handshake-failure

编辑：

错误：

0000: 02 28            .(
main, READ: TLSv1 Alert, length = 2 
main, RECV TLSv1 ALERT: fatal, handshake_failure 
main, called closeSocket() 
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 
166 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection - Connection org.apache.http.impl.conn.DefaultClientConnection@6b18e1c6 closed 
166 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection - Connection org.apache.http.impl.conn.DefaultClientConnection@6b18e1c6 shut down 
main, called close() 
main, called closeInternal(true) 


[main] DEBUG org.apache.http.impl.conn.BasicClientConnectionManager - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@1f2dc289 
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) 
     at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) 
     at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979) 
     at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086) 
     at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332) 
     at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359) 
     at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343) 
     at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:533) 
     at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:401) 
     at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177) 
     at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304) 
     at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611) 
     at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446) 
     at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863) 
     at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72) 
     at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:214) 
     at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:160) 

Answer 1

我会回答我的问题柜面有人有类似的问题：

我花了2天尝试一切，我终于想通了。

在Java-7-oracle它不可能使用TLS1.2。即使使用系统属性进行配置，甚至在SSLContext级别进行设置也无济于事。他们的支持非常糟糕。虽然在Java-8-oracle，这是可能的。

简单地将我的java更改为java-7-openjdk-amd64为我做了诀窍。

Answer 2

我遇到同样的问题，因为我正在使用Apache HTTP客户端库我的请求，我解决了它以这种方式初始化我的HttpClient

CloseableHttpClient client = HttpClients.custom() 
           .setSSLSocketFactory(getSSLContext()) 
           .build(); 

其中getSSLContext()的方法是这样

Answer 3

你可以升级你的Java 7版本1.7.0_131-B31

对于JRE 1.7.0_131-B31在甲骨文网站：

TLSv1.2 and TLSv1.1 are now enabled by default on the TLS client end-points. This is similar behavior to what already happens in JDK 8 releases.