2 waterful 1984 waterful_1984 于 2015.06.16 23:03 提问

HttpClient如何指定CipherSuites 3C

代码如下:
HttpClient httpclient = new DefaultHttpClient();

        SSLContext ctx = SSLContext.getInstance("TLS");
        X509TrustManager tm = new X509TrustManager() {  
            public void checkClientTrusted(X509Certificate[] xcs,  
                    String string) throws CertificateException {  
            }  
            public void checkServerTrusted(X509Certificate[] xcs,  
                    String string) throws CertificateException {  
            }
            public X509Certificate[] getAcceptedIssuers() {  
                return null;  
            }  
        };
        ctx.init(null, new TrustManager[]{tm},null );  

                    System.out.println("缺省安全套接字使用的协议: " + ctx.getProtocol());  
        // 获取SSLContext实例相关的SSLEngine  
        SSLEngine en = ctx.createSSLEngine();  
        System.out  
                .println("支持的协议: " + Arrays.asList(en.getSupportedProtocols()));  
        System.out.println("启用的协议: " + Arrays.asList(en.getEnabledProtocols()));  
        System.out.println("支持的加密套件: "  
                + Arrays.asList(en.getSupportedCipherSuites()));  
        System.out.println("启用的加密套件: "  
                + Arrays.asList(en.getEnabledCipherSuites()));  

本机运行结果:
缺省安全套接字使用的协议: TLS
支持的协议: [SSLv2Hello, SSLv3, TLSv1]
启用的协议: [SSLv2Hello, SSLv3, TLSv1]
支持的加密套件: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_RSA_WITH_NULL_MD5, SSL_RSA_WITH_NULL_SHA, SSL_DH_anon_WITH_RC4_128_MD5, TLS_DH_anon_WITH_AES_128_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_DH_anon_EXPORT_WITH_RC4_40_MD5, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_KRB5_WITH_RC4_128_SHA, TLS_KRB5_WITH_RC4_128_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_RC4_40_SHA, TLS_KRB5_EXPORT_WITH_RC4_40_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5]
启用的加密套件: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]

这里如何指定启用的加密套件为TLS_RSA_WITH_AES_128_CBC_SHA,而不是默认的SSL_RSA_WITH_RC4_128_MD5

1个回答

u011606457
u011606457   2016.06.06 14:31

en.setEnabledCipherSuites(new String[]{"TLS_RSA_WITH_AES_128_CBC_SHA"});

Csdn user default icon
上传中...
上传图片
插入图片