Scenario
Calling www.deribit.com with rescu (a Java JAX-RS REST client framework) through the firewall produces an error.
Local environment
JDK: adoptopenjdk-8.jdk
The error is as follows:
12:09:19.321 [main] debug si.mazi.rescu.httptemplate - executing get request at <https://www.deribit.com/api/v2/public/get_order_book?instrument_name=btc-perpetual>
javax.net.ssl.sslhandshakeexception: remote host terminated the handshake
at java.base/sun.security.ssl.sslsocketimpl.handleeof(sslsocketimpl.java:1696)
at java.base/sun.security.ssl.sslsocketimpl.decode(sslsocketimpl.java:1514)
at java.base/sun.security.ssl.sslsocketimpl.readhandshakerecord(sslsocketimpl.java:1416)
at java.base/sun.security.ssl.sslsocketimpl.starthandshake(sslsocketimpl.java:456)
at java.base/sun.security.ssl.sslsocketimpl.starthandshake(sslsocketimpl.java:427)
at java.base/sun.net.www.protocol.https.httpsclient.afterconnect(httpsclient.java:572)
at java.base/sun.net.www.protocol.https.abstractdelegatehttpsurlconnection.connect(abstractdelegatehttpsurlconnection.java:201)
at java.base/sun.net.www.protocol.http.httpurlconnection.getinputstream0(httpurlconnection.java:1592)
at java.base/sun.net.www.protocol.http.httpurlconnection.getinputstream(httpurlconnection.java:1520)
at java.base/java.net.httpurlconnection.getresponsecode(httpurlconnection.java:527)
at java.base/sun.net.www.protocol.https.httpsurlconnectionimpl.getresponsecode(httpsurlconnectionimpl.java:334)
at si.mazi.rescu.httptemplate.receive(httptemplate.java:122)
at si.mazi.rescu.restinvocationhandler.receiveandmap(restinvocationhandler.java:162)
at si.mazi.rescu.restinvocationhandler.invoke(restinvocationhandler.java:119)
at com.sun.proxy.$proxy17.getorderbook(unknown source)
at org.market.hedge.deribit.perpetualswap.service.deribitperpetualswapmarketdataserviceraw.getderibitorderbook(deribitperpetualswapmarketdataserviceraw.java:35)
at org.market.hedge.deribit.perpetualswap.service.deribitperpetualswapmarketdataservice.getorderbook(deribitperpetualswapmarketdataservice.java:33)
at org.market.hedge.deribit.swap.deribitmarketdatatest.getderibitorderbooktest(deribitmarketdatatest.java:42)
at java.base/jdk.internal.reflect.nativemethodaccessorimpl.invoke0(native method)
at java.base/jdk.internal.reflect.nativemethodaccessorimpl.invoke(nativemethodaccessorimpl.java:62)
at java.base/jdk.internal.reflect.delegatingmethodaccessorimpl.invoke(delegatingmethodaccessorimpl.java:43)
at java.base/java.lang.reflect.method.invoke(method.java:566)
at org.junit.runners.model.frameworkmethod$1.runreflectivecall(frameworkmethod.java:59)
at org.junit.internal.runners.model.reflectivecallable.run(reflectivecallable.java:12)
at org.junit.runners.model.frameworkmethod.invokeexplosively(frameworkmethod.java:56)
at org.junit.internal.runners.statements.invokemethod.evaluate(invokemethod.java:17)
at org.junit.runners.parentrunner$3.evaluate(parentrunner.java:306)
at org.junit.runners.blockjunit4classrunner$1.evaluate(blockjunit4classrunner.java:100)
at org.junit.runners.parentrunner.runleaf(parentrunner.java:366)
at org.junit.runners.blockjunit4classrunner.runchild(blockjunit4classrunner.java:103)
at org.junit.runners.blockjunit4classrunner.runchild(blockjunit4classrunner.java:63)
at org.junit.runners.parentrunner$4.run(parentrunner.java:331)
at org.junit.runners.parentrunner$1.schedule(parentrunner.java:79)
at org.junit.runners.parentrunner.runchildren(parentrunner.java:329)
at org.junit.runners.parentrunner.access$100(parentrunner.java:66)
at org.junit.runners.parentrunner$2.evaluate(parentrunner.java:293)
at org.junit.runners.parentrunner$3.evaluate(parentrunner.java:306)
at org.junit.runners.parentrunner.run(parentrunner.java:413)
at org.junit.runner.junitcore.run(junitcore.java:137)
at com.intellij.junit4.junit4ideatestrunner.startrunnerwithargs(junit4ideatestrunner.java:69)
at com.intellij.rt.junit.ideatestrunner$repeater.startrunnerwithargs(ideatestrunner.java:33)
at com.intellij.rt.junit.junitstarter.preparestreamsandstart(junitstarter.java:235)
at com.intellij.rt.junit.junitstarter.main(junitstarter.java:54)
caused by: java.io.eofexception: ssl peer shut down incorrectly
at java.base/sun.security.ssl.sslsocketinputrecord.read(sslsocketinputrecord.java:483)
at java.base/sun.security.ssl.sslsocketinputrecord.readheader(sslsocketinputrecord.java:472)
at java.base/sun.security.ssl.sslsocketinputrecord.decode(sslsocketinputrecord.java:160)
at java.base/sun.security.ssl.ssltransport.decode(ssltransport.java:111)
at java.base/sun.security.ssl.sslsocketimpl.decode(sslsocketimpl.java:1506)
... 41 more
Troubleshooting
1. Add -Djavax.net.debug=ssl,handshake to the startup options and inspect the debug output
The first thing visible is javax.net.ssl.SSLHandshakeException, so add -Djavax.net.debug=ssl,handshake to the JVM startup options and inspect the debug log output.
Console output:
12:16:53.147 [main] debug si.mazi.rescu.httptemplate - executing get request at <https://www.deribit.com/api/v2/public/get_order_book?instrument_name=btc-perpetual>
javax.net.ssl|fine|01|main|2023-01-07 12:16:53.202 cst|sslcipher.java:438|jdk.tls.keylimits: entry = aes/gcm/nopadding keyupdate 2^37. aes/gcm/nopadding:keyupdate = 137438953472
javax.net.ssl|fine|01|main|2023-01-07 12:16:53.370 cst|utilities.java:73|the previous server name in sni (type=host_name (0), value=www.deribit.com) was replaced with (type=host_name (0), value=www.deribit.com)
javax.net.ssl|fine|01|main|2023-01-07 12:16:53.372 cst|handshakecontext.java:304|no available cipher suite for tls13
javax.net.ssl|fine|01|main|2023-01-07 12:16:53.397 cst|sslextensions.java:260|ignore, context unavailable extension: status_request
javax.net.ssl|warning|01|main|2023-01-07 12:16:53.402 cst|signaturescheme.java:297|signature algorithm, ed25519, is not supported by the underlying providers
javax.net.ssl|warning|01|main|2023-01-07 12:16:53.402 cst|signaturescheme.java:297|signature algorithm, ed448, is not supported by the underlying providers
javax.net.ssl|info|01|main|2023-01-07 12:16:53.408 cst|alpnextension.java:161|no available application protocols
javax.net.ssl|fine|01|main|2023-01-07 12:16:53.408 cst|sslextensions.java:260|ignore, context unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|fine|01|main|2023-01-07 12:16:53.408 cst|sslextensions.java:260|ignore, context unavailable extension: status_request_v2
javax.net.ssl|fine|01|main|2023-01-07 12:16:53.408 cst|sslextensions.java:260|ignore, context unavailable extension: renegotiation_info
javax.net.ssl|fine|01|main|2023-01-07 12:16:53.410 cst|clienthello.java:575|produced clienthello handshake message (
"clienthello": {
"client version" : "tlsv1.2",
"random" : "50 ba 4b 6e df 0a ed 79 36 c8 de 59 66 c1 4d 06 00 0c 9e cf 91 82 28 49 4c a2 bf 60 26 e2 6a 9c",
"session id" : "",
"cipher suites" : "[tls_ecdhe_ecdsa_with_aes_256_gcm_sha384(0xc02c), tls_ecdhe_ecdsa_with_aes_128_gcm_sha256(0xc02b), tls_ecdhe_rsa_with_aes_256_gcm_sha384(0xc030), tls_rsa_with_aes_256_gcm_sha384(0x009d), tls_ecdh_ecdsa_with_aes_256_gcm_sha384(0xc02e), tls_ecdh_rsa_with_aes_256_gcm_sha384(0xc032), tls_dhe_rsa_with_aes_256_gcm_sha384(0x009f), tls_dhe_dss_with_aes_256_gcm_sha384(0x00a3), tls_ecdhe_rsa_with_aes_128_gcm_sha256(0xc02f), tls_rsa_with_aes_128_gcm_sha256(0x009c), tls_ecdh_ecdsa_with_aes_128_gcm_sha256(0xc02d), tls_ecdh_rsa_with_aes_128_gcm_sha256(0xc031), tls_dhe_rsa_with_aes_128_gcm_sha256(0x009e), tls_dhe_dss_with_aes_128_gcm_sha256(0x00a2), tls_ecdhe_ecdsa_with_aes_256_cbc_sha384(0xc024), tls_ecdhe_rsa_with_aes_256_cbc_sha384(0xc028), tls_rsa_with_aes_256_cbc_sha256(0x003d), tls_ecdh_ecdsa_with_aes_256_cbc_sha384(0xc026), tls_ecdh_rsa_with_aes_256_cbc_sha384(0xc02a), tls_dhe_rsa_with_aes_256_cbc_sha256(0x006b), tls_dhe_dss_with_aes_256_cbc_sha256(0x006a), tls_ecdhe_ecdsa_with_aes_256_cbc_sha(0xc00a), tls_ecdhe_rsa_with_aes_256_cbc_sha(0xc014), tls_rsa_with_aes_256_cbc_sha(0x0035), tls_ecdh_ecdsa_with_aes_256_cbc_sha(0xc005), tls_ecdh_rsa_with_aes_256_cbc_sha(0xc00f), tls_dhe_rsa_with_aes_256_cbc_sha(0x0039), tls_dhe_dss_with_aes_256_cbc_sha(0x0038), tls_ecdhe_ecdsa_with_aes_128_cbc_sha256(0xc023), tls_ecdhe_rsa_with_aes_128_cbc_sha256(0xc027), tls_rsa_with_aes_128_cbc_sha256(0x003c), tls_ecdh_ecdsa_with_aes_128_cbc_sha256(0xc025), tls_ecdh_rsa_with_aes_128_cbc_sha256(0xc029), tls_dhe_rsa_with_aes_128_cbc_sha256(0x0067), tls_dhe_dss_with_aes_128_cbc_sha256(0x0040), tls_ecdhe_ecdsa_with_aes_128_cbc_sha(0xc009), tls_ecdhe_rsa_with_aes_128_cbc_sha(0xc013), tls_rsa_with_aes_128_cbc_sha(0x002f), tls_ecdh_ecdsa_with_aes_128_cbc_sha(0xc004), tls_ecdh_rsa_with_aes_128_cbc_sha(0xc00e), tls_dhe_rsa_with_aes_128_cbc_sha(0x0033), tls_dhe_dss_with_aes_128_cbc_sha(0x0032), tls_empty_renegotiation_info_scsv(0x00ff)]",
"compression methods" : "00",
"extensions" : [
"server_name (0)": {
type=host_name (0), value=www.deribit.com
},
"supported_groups (10)": {
"versions": [secp256r1, secp384r1, secp521r1, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
},
"ec_point_formats (11)": {
"formats": [uncompressed]
},
"signature_algorithms (13)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"signature_algorithms_cert (50)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"extended_master_secret (23)": {
<empty>
},
"supported_versions (43)": {
"versions": [tlsv1.2, tlsv1.1, tlsv1, sslv3]
}
]
}
)
javax.net.ssl|severe|01|main|2023-01-07 12:16:58.146 cst|transportcontext.java:316|fatal (handshake_failure): couldn't kickstart handshaking (
"throwable" : {
javax.net.ssl.sslhandshakeexception: remote host terminated the handshake
at sun.security.ssl.sslsocketimpl.handleeof(sslsocketimpl.java:1561)
at sun.security.ssl.sslsocketimpl.decode(sslsocketimpl.java:1391)
at sun.security.ssl.sslsocketimpl.readhandshakerecord(sslsocketimpl.java:1291)
at sun.security.ssl.sslsocketimpl.starthandshake(sslsocketimpl.java:435)
at sun.net.www.protocol.https.httpsclient.afterconnect(httpsclient.java:559)
at sun.net.www.protocol.https.abstractdelegatehttpsurlconnection.connect(abstractdelegatehttpsurlconnection.java:197)
at sun.net.www.protocol.http.httpurlconnection.getinputstream0(httpurlconnection.java:1570)
at sun.net.www.protocol.http.httpurlconnection.getinputstream(httpurlconnection.java:1498)
at java.net.httpurlconnection.getresponsecode(httpurlconnection.java:480)
at sun.net.www.protocol.https.httpsurlconnectionimpl.getresponsecode(httpsurlconnectionimpl.java:352)
at si.mazi.rescu.httptemplate.receive(httptemplate.java:122)
at si.mazi.rescu.restinvocationhandler.receiveandmap(restinvocationhandler.java:162)
at si.mazi.rescu.restinvocationhandler.invoke(restinvocationhandler.java:119)
at com.sun.proxy.$proxy14.getorderbook(unknown source)
at org.market.hedge.deribit.perpetualswap.service.deribitperpetualswapmarketdataserviceraw.getderibitorderbook(deribitperpetualswapmarketdataserviceraw.java:35)
at org.market.hedge.deribit.perpetualswap.service.deribitperpetualswapmarketdataservice.getorderbook(deribitperpetualswapmarketdataservice.java:33)
at org.market.hedge.deribit.swap.deribitmarketdatatest.getderibitorderbooktest(deribitmarketdatatest.java:42)
at sun.reflect.nativemethodaccessorimpl.invoke0(native method)
at sun.reflect.nativemethodaccessorimpl.invoke(nativemethodaccessorimpl.java:62)
at sun.reflect.delegatingmethodaccessorimpl.invoke(delegatingmethodaccessorimpl.java:43)
at java.lang.reflect.method.invoke(method.java:498)
at org.junit.runners.model.frameworkmethod$1.runreflectivecall(frameworkmethod.java:59)
at org.junit.internal.runners.model.reflectivecallable.run(reflectivecallable.java:12)
at org.junit.runners.model.frameworkmethod.invokeexplosively(frameworkmethod.java:56)
at org.junit.internal.runners.statements.invokemethod.evaluate(invokemethod.java:17)
at org.junit.runners.parentrunner$3.evaluate(parentrunner.java:306)
at org.junit.runners.blockjunit4classrunner$1.evaluate(blockjunit4classrunner.java:100)
at org.junit.runners.parentrunner.runleaf(parentrunner.java:366)
at org.junit.runners.blockjunit4classrunner.runchild(blockjunit4classrunner.java:103)
at org.junit.runners.blockjunit4classrunner.runchild(blockjunit4classrunner.java:63)
at org.junit.runners.parentrunner$4.run(parentrunner.java:331)
at org.junit.runners.parentrunner$1.schedule(parentrunner.java:79)
at org.junit.runners.parentrunner.runchildren(parentrunner.java:329)
at org.junit.runners.parentrunner.access$100(parentrunner.java:66)
at org.junit.runners.parentrunner$2.evaluate(parentrunner.java:293)
at org.junit.runners.parentrunner$3.evaluate(parentrunner.java:306)
at org.junit.runners.parentrunner.run(parentrunner.java:413)
at org.junit.runner.junitcore.run(junitcore.java:137)
at com.intellij.junit4.junit4ideatestrunner.startrunnerwithargs(junit4ideatestrunner.java:69)
at com.intellij.rt.junit.ideatestrunner$repeater.startrunnerwithargs(ideatestrunner.java:33)
at com.intellij.rt.junit.junitstarter.preparestreamsandstart(junitstarter.java:235)
at com.intellij.rt.junit.junitstarter.main(junitstarter.java:54)
caused by: java.io.eofexception: ssl peer shut down incorrectly
at sun.security.ssl.sslsocketinputrecord.decode(sslsocketinputrecord.java:167)
at sun.security.ssl.ssltransport.decode(ssltransport.java:109)
at sun.security.ssl.sslsocketimpl.decode(sslsocketimpl.java:1383)
... 40 more}
)
javax.net.ssl|fine|01|main|2023-01-07 12:16:58.147 cst|sslsocketimpl.java:1601|close the underlying socket
javax.net.ssl|fine|01|main|2023-01-07 12:16:58.147 cst|sslsocketimpl.java:1620|close the ssl connection (initiative)
The log line "no available cipher suite for tls13" shows the cause: the client has no usable TLSv1.3 cipher suite, so it cannot negotiate TLSv1.3 and the server drops the handshake.
2. Check which TLS versions the JDK supports
import java.util.Arrays;
import javax.net.ssl.SSLContext;

SSLContext context1 = SSLContext.getInstance("TLS");
context1.init(null, null, null);
// getDefaultSSLParameters() lists the protocols enabled by default for new sockets
String[] supportedProtocols = context1.getDefaultSSLParameters().getProtocols();
System.out.println("Enabled protocol: " + Arrays.toString(supportedProtocols));
# console
# Enabled protocol: [TLSv1.2, TLSv1.1, TLSv1, SSLv3]
JDK 1.8 does not support TLSv1.3.
3. The TLS version a Java HTTPS request uses by default
Solutions
1. Switch the JDK version
Note that switching to JDK 11 or later disables SSLv3, TLSv1 and TLSv1.1; if you still need to use them, the solutions are as follows.
Option 1
On JDK 11 or later, the java.security file is located at
$JAVA_HOME/conf/security/java.security
Remove the protocols you need from the jdk.tls.disabledAlgorithms property and save the file:
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, RC4, DES, MD5withRSA, \
    DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL
Option 2
Enable a custom security configuration
Add to the startup options:
-Djava.security.properties=/path/to/your/es.java.security
2. Without switching the JDK, edit java.security to add Azul's OpenJSSE library for TLSv1.3 support
Other JDK builds also support TLSv1.3; this article uses Azul's JDK SE 8 as the example.
Add OpenJSSE at the first position of the provider list in the java.security file.
On JDK 8 the java.security file is located at
$JAVA_HOME/jre/lib/security/java.security
security.provider.1=org.openjsse.net.ssl.OpenJSSE
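Added example (not from the original post, the rescu project or OpenJSSE): one diagnostic that extends the check from step 2 and verifies either fix above. Without arguments it only inspects the local JVM (supported vs. default protocols, jdk.tls.disabledAlgorithms, provider order); with a host and port it performs a handshake and prints the negotiated version. The class name TlsCheck and the host/port arguments are mine.

```java
import java.security.Provider;
import java.security.Security;
import java.util.Arrays;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

/**
 * TlsCheck: reports which TLS versions this JVM can and will negotiate, and
 * optionally performs a real handshake to confirm that a fix took effect.
 * Usage: java TlsCheck            -> local configuration only (works offline)
 *        java TlsCheck host 443   -> also handshakes and prints the negotiated version
 */
public class TlsCheck {
    public static void main(String[] args) throws Exception {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, null, null);

        // "Supported" is what the provider implements; "default" is what a plain
        // HttpsURLConnection will actually offer in its ClientHello (supported_versions).
        String[] supported = ctx.getSupportedSSLParameters().getProtocols();
        String[] enabled = ctx.getDefaultSSLParameters().getProtocols();
        System.out.println("Supported protocols: " + Arrays.toString(supported));
        System.out.println("Default protocols:   " + Arrays.toString(enabled));
        System.out.println("TLSv1.3 offered by default: " + Arrays.asList(enabled).contains("TLSv1.3"));

        // Security property that JDK 11+ uses to disable old versions; edits to
        // java.security or an overlay via -Djava.security.properties show up here.
        System.out.println("jdk.tls.disabledAlgorithms: " + Security.getProperty("jdk.tls.disabledAlgorithms"));

        // Provider order matters: the first provider offering "TLS" wins, which is
        // why OpenJSSE must be security.provider.1 on JDK 8 for TLSv1.3 to appear.
        Provider[] providers = Security.getProviders();
        for (int i = 0; i < providers.length; i++) {
            System.out.println("provider." + (i + 1) + " = " + providers[i].getName());
        }
        System.out.println("SSLContext provider in use: " + ctx.getProvider().getName());

        if (args.length == 2) {
            // Real handshake: the server selects the highest version both sides share.
            SSLSocketFactory factory = ctx.getSocketFactory();
            try (SSLSocket socket = (SSLSocket) factory.createSocket(args[0], Integer.parseInt(args[1]))) {
                socket.startHandshake();
                System.out.println("Negotiated: " + socket.getSession().getProtocol()
                        + " / " + socket.getSession().getCipherSuite());
            }
        }
    }
}
```

Run it once before and once after the change to java.security; on a JDK 8 with OpenJSSE correctly registered first, the default protocol list should now contain TLSv1.3 and the handshake should report it.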