我正在尝试在使用 JBoss 6.4 和 Java 1.7 的网络应用程序中启用 TLS 1.2.我的应用程序环境中有 -Dhttp.protocols = TLSv1.2 但它似乎对我不起作用.
I am trying to enable TLS 1.2 in my web app which uses JBoss 6.4 and Java 1.7. I have -Dhttp.protocols = TLSv1.2 in my application environment but it doesn't seem to work for me.
我可以做些什么来启用 TLS 1.2?
Is there anything I could do to enable TLS 1.2?
我写了一个简单的程序
context = SSLContext.getInstance("TLSv1.2"); context.init(null,null,null); SSLContext.setDefault(context); SSLSocketFactory factory = (SSLSocketFactory)context.getSocketFactory(); SSLSocket socket = (SSLSocket)factory.createSocket(); protocols = socket.getEnabledProtocols();在应用程序中运行此程序后,TLS 1.2 将启用.我不想运行这个程序,但我想在应用程序启动时直接启用它.有什么办法吗?
After running this program within the app the TLS 1.2 gets enabled. I do not want to run this program but I want to directly enable it during app startup. Is there any way to do it?
推荐答案有很多建议,但我发现其中最常见的有两个.
There are many suggestions but I found two of them most common.
我第一次尝试 export JAVA_OPTS="-Dhttps.protocols=SSLv3,TLSv1,TLSv1.1,TLSv1.2" 在程序启动之前在命令行上,但它对我不起作用.
I first tried export JAVA_OPTS="-Dhttps.protocols=SSLv3,TLSv1,TLSv1.1,TLSv1.2" on command line before startup of program but it didn't work for me.
然后我在启动类构造函数中添加了以下代码,它对我有用.
Then I added the following code in the startup class constructor and it worked for me.
try { SSLContext ctx = SSLContext.getInstance("TLSv1.2"); ctx.init(null, null, null); SSLContext.setDefault(ctx); } catch (Exception e) { System.out.println(e.getMessage()); }坦率地说,我不知道为什么 ctx.init(null, null, null); 但所有 (SSL/TLS) 对我来说都很好.
Frankly, I don't know in detail why ctx.init(null, null, null); but all (SSL/TLS) is working fine for me.
还有一个选项:System.setProperty("https.protocols", "SSLv3,TLSv1,TLSv1.1,TLSv1.2");.它也将进入代码,但我没有尝试过.
There is one more option: System.setProperty("https.protocols", "SSLv3,TLSv1,TLSv1.1,TLSv1.2");. It will also go in code but I've not tried it.
更多推荐
如何在 Java 7 中启用 TLS 1.2
发布评论