jdk1.7 HttpsURLConnection 如何能调用https接口？

JDK1.7 HttpsURLConnection 调用HTTPS接口，发生如下报错：

main, WRITE: TLSv1.2 Handshake, length = 216
main, READ: TLSv1.2 Alert, length = 2
main, RECV TLSv1 ALERT:  fatal, handshake_failure

javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
    at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
    at com.maoye.ossp.bpm.util.SendPostUtil.sendGet(SendPostUtil.java:97)
    at com.maoye.ossp.bpm.util.SendPostUtil.main(SendPostUtil.java:228)

已经根据csdn搜到的在调用前指定了使用TLSv1.2协议了，如下：

        SSLContext context = SSLContext.getInstance("TLSv1.2");
        System.setProperty("https.protocols", "TLSv1.2,TLSv1.1,SSLv3");
        context.init(null, null, null);
        SSLContext.setDefault(context);

我看consol打印出来也是客户端发过去是TLSv1.2了，但为什么服务器返回还是有TLSv1的Alert？

jdk1.7 HttpsURLConnection 到底如何能调用https接口呢？POSTMAN就随意调用。。

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除
收藏举报

2条回答默认最新

猫的幻想曲 2022-07-20 12:42

关注

获得5.00元问题酬金

用jdk1.7去访问https，怎么都不成功，要么成功后就是返回html代码，而不是json数据，主要因为jdk1.7默认https 请求是TLS1不支持TLS1.2。jdk1.7需要加入一个jar包：

<dependency>
            <groupId>org.bouncycastle</groupId>
            <artifactId>bcprov-jdk15on</artifactId>
            <version>1.57</version>
        </dependency>

import java.io.ByteArrayInputStream;  
import java.io.ByteArrayOutputStream;  
import java.io.DataOutputStream;  
import java.io.FileInputStream;  
import java.io.IOException;  
import java.io.InputStream;  
import java.io.OutputStream;  
import java.net.InetAddress;  
import java.net.InetSocketAddress;  
import java.net.Socket;  
import java.net.UnknownHostException;  
import java.security.KeyStore;  
import java.security.Principal;  
import java.security.SecureRandom;  
import java.security.Security;  
import java.security.cert.CertificateExpiredException;  
import java.security.cert.CertificateFactory;  
import java.util.Hashtable;  
import java.util.LinkedList;  
import java.util.List;  
  
import javax.net.ssl.HandshakeCompletedListener;  
import javax.net.ssl.SSLPeerUnverifiedException;  
import javax.net.ssl.SSLSession;  
import javax.net.ssl.SSLSessionContext;  
import javax.net.ssl.SSLSocket;  
import javax.net.ssl.SSLSocketFactory;  
import javax.security.cert.X509Certificate;  
  
import org.bouncycastle.crypto.tls.*;  
import org.bouncycastle.crypto.tls.Certificate;  
import org.bouncycastle.jce.provider.BouncyCastleProvider;  
  
 
public class TLSSocketConnectionFactory extends SSLSocketFactory {  
  
    static {  
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {  
            Security.addProvider(new BouncyCastleProvider());  
        }  
    }  
  
    @Override  
    public Socket createSocket(Socket socket, final String host, int port,  
                               boolean arg3) throws IOException {  
        if (socket == null) {  
            socket = new Socket();  
        }  
        if (!socket.isConnected()) {  
            socket.connect(new InetSocketAddress(host, port));  
        }  
  
        final TlsClientProtocol tlsClientProtocol = new TlsClientProtocol(socket.getInputStream(), socket.getOutputStream(), new SecureRandom());  
  
        return _createSSLSocket(host, tlsClientProtocol);  
    }  
  
    @Override  
    public String[] getDefaultCipherSuites() {  
        return null;  
    }  
  
    @Override  
    public String[] getSupportedCipherSuites() {  
        return null;  
    }  
  
    @Override  
    public Socket createSocket(String host, int port) throws IOException, UnknownHostException {  
        throw new UnsupportedOperationException();  
    }  
  
    @Override  
    public Socket createSocket(InetAddress host, int port) throws IOException {  
        throw new UnsupportedOperationException();  
    }  
  
    @Override  
    public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException {  
        return null;  
    }  
  
    @Override  
    public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {  
        throw new UnsupportedOperationException();  
    }  
  
    private SSLSocket _createSSLSocket(final String host, final TlsClientProtocol tlsClientProtocol) {  
        return new SSLSocket() {  
            private java.security.cert.Certificate[] peertCerts;  
  
            @Override  
            public InputStream getInputStream() throws IOException {  
                return tlsClientProtocol.getInputStream();  
            }  
  
            @Override  
            public OutputStream getOutputStream() throws IOException {  
                return tlsClientProtocol.getOutputStream();  
            }  
  
            @Override  
            public synchronized void close() throws IOException {  
                tlsClientProtocol.close();  
            }  
  
            @Override  
            public void addHandshakeCompletedListener(HandshakeCompletedListener arg0) {  
            }  
  
            @Override  
            public boolean getEnableSessionCreation() {  
                return false;  
            }  
  
            @Override  
            public String[] getEnabledCipherSuites() {  
                return null;  
            }  
  
            @Override  
            public String[] getEnabledProtocols() {  
                return null;  
            }  
  
            @Override  
            public boolean getNeedClientAuth() {  
                return false;  
            }  
  
            @Override  
            public SSLSession getSession() {  
                return new SSLSession() {  
  
                    @Override  
                    public int getApplicationBufferSize() {  
                        return 0;  
                    }  
  
                    @Override  
                    public String getCipherSuite() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public long getCreationTime() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public byte[] getId() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public long getLastAccessedTime() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public java.security.cert.Certificate[] getLocalCertificates() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public Principal getLocalPrincipal() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public int getPacketBufferSize() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public X509Certificate[] getPeerCertificateChain() throws SSLPeerUnverifiedException {  
                        return null;  
                    }  
  
                    @Override  
                    public java.security.cert.Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException {  
                        return peertCerts;  
                    }  
  
                    @Override  
                    public String getPeerHost() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public int getPeerPort() {  
                        return 0;  
                    }  
  
                    @Override  
                    public Principal getPeerPrincipal() throws SSLPeerUnverifiedException {  
                        return null;  
                    }  
  
                    @Override  
                    public String getProtocol() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public SSLSessionContext getSessionContext() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public Object getValue(String arg0) {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public String[] getValueNames() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public void invalidate() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public boolean isValid() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public void putValue(String arg0, Object arg1) {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public void removeValue(String arg0) {  
                        throw new UnsupportedOperationException();  
                    }  
                };  
            }  
  
            @Override  
            public String[] getSupportedProtocols() {  
                return null;  
            }  
  
            @Override  
            public boolean getUseClientMode() {  
                return false;  
            }  
  
            @Override  
            public boolean getWantClientAuth() {  
                return false;  
            }  
  
            @Override  
            public void removeHandshakeCompletedListener(HandshakeCompletedListener arg0) {  
            }  
  
            @Override  
            public void setEnableSessionCreation(boolean arg0) {  
            }  
  
            @Override  
            public void setEnabledCipherSuites(String[] arg0) {  
            }  
  
            @Override  
            public void setEnabledProtocols(String[] arg0) {  
            }  
  
            @Override  
            public void setNeedClientAuth(boolean arg0) {  
            }  
  
            @Override  
            public void setUseClientMode(boolean arg0) {  
            }  
  
            @Override  
            public void setWantClientAuth(boolean arg0) {  
            }  
  
            @Override  
            public String[] getSupportedCipherSuites() {  
                return null;  
            }  
  
            @Override  
            public void startHandshake() throws IOException {  
                tlsClientProtocol.connect(new DefaultTlsClient() {  
  
                    @SuppressWarnings("unchecked")  
                    @Override  
                    public Hashtable<Integer, byte[]> getClientExtensions() throws IOException {  
                        Hashtable<Integer, byte[]> clientExtensions = super.getClientExtensions();  
                        if (clientExtensions == null) {  
                            clientExtensions = new Hashtable<Integer, byte[]>();  
                        }  
  
                        //Add host_name  
                        byte[] host_name = host.getBytes();  
  
                        final ByteArrayOutputStream baos = new ByteArrayOutputStream();  
                        final DataOutputStream dos = new DataOutputStream(baos);  
                        dos.writeShort(host_name.length + 3);  
                        dos.writeByte(0);  
                        dos.writeShort(host_name.length);  
                        dos.write(host_name);  
                        dos.close();  
                        clientExtensions.put(ExtensionType.server_name, baos.toByteArray());  
                        return clientExtensions;  
                    }  
  
                    @Override  
                    public TlsAuthentication getAuthentication() throws IOException {  
                        return new TlsAuthentication() {  
                            @Override  
                            public void notifyServerCertificate(Certificate serverCertificate) throws IOException {  
                                try {  
                                    KeyStore ks = _loadKeyStore();  
  
                                    CertificateFactory cf = CertificateFactory.getInstance("X.509");  
                                    List<java.security.cert.Certificate> certs = new LinkedList<java.security.cert.Certificate>();  
                                    boolean trustedCertificate = false;  
                                    for (org.bouncycastle.asn1.x509.Certificate c : ((org.bouncycastle.crypto.tls.Certificate) serverCertificate).getCertificateList()) {  
                                        java.security.cert.Certificate cert = cf.generateCertificate(new ByteArrayInputStream(c.getEncoded()));  
                                        certs.add(cert);  
  
                                        String alias = ks.getCertificateAlias(cert);  
                                        if (alias != null) {  
                                            if (cert instanceof java.security.cert.X509Certificate) {  
                                                try {  
                                                    ((java.security.cert.X509Certificate) cert).checkValidity();  
                                                    trustedCertificate = true;  
                                                } catch (CertificateExpiredException cee) {  
                                                    // Accept all the certs!  
                                                }  
                                            }  
                                        } else {  
                                            // Accept all the certs!  
                                        }  
  
                                    }  
                                    if (!trustedCertificate) {  
                                        // Accept all the certs!  
                                    }  
                                    peertCerts = certs.toArray(new java.security.cert.Certificate[0]);  
                                } catch (Exception ex) {  
                                    ex.printStackTrace();  
                                    throw new IOException(ex);  
                                }  
                            }  
  
                            @Override  
                            public TlsCredentials getClientCredentials(CertificateRequest certificateRequest) throws IOException {  
                                return null;  
                            }  
  
                            private KeyStore _loadKeyStore() throws Exception {  
                                FileInputStream trustStoreFis = null;  
                                try {  
                                    KeyStore localKeyStore = null;  
  
                                    String trustStoreType = System.getProperty("javax.net.ssl.trustStoreType") != null ? System.getProperty("javax.net.ssl.trustStoreType") : KeyStore.getDefaultType();  
                                    String trustStoreProvider = System.getProperty("javax.net.ssl.trustStoreProvider") != null ? System.getProperty("javax.net.ssl.trustStoreProvider") : "";  
  
                                    if (trustStoreType.length() != 0) {  
                                        if (trustStoreProvider.length() == 0) {  
                                            localKeyStore = KeyStore.getInstance(trustStoreType);  
                                        } else {  
                                            localKeyStore = KeyStore.getInstance(trustStoreType, trustStoreProvider);  
                                        }  
  
                                        char[] keyStorePass = null;  
                                        String str5 = System.getProperty("javax.net.ssl.trustStorePassword") != null ? System.getProperty("javax.net.ssl.trustStorePassword") : "";  
  
                                        if (str5.length() != 0) {  
                                            keyStorePass = str5.toCharArray();  
                                        }  
  
                                        localKeyStore.load(trustStoreFis, keyStorePass);  
  
                                        if (keyStorePass != null) {  
                                            for (int i = 0; i < keyStorePass.length; i++) {  
                                                keyStorePass[i] = 0;  
                                            }  
                                        }  
                                    }  
                                    return localKeyStore;  
                                } finally {  
                                    if (trustStoreFis != null) {  
                                        trustStoreFis.close();  
                                    }  
                                }  
                            }  
  
                        };  
                    }  
  
                });  
            } // startHandshake  
        };  
    }  
}

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStreamWriter;
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.net.URLConnection;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
 
import javax.net.ssl.HttpsURLConnection;
 
import org.apache.commons.lang.StringUtils;
 
public class HttpClientUtil {
    public HttpURLConnection createConnection(URI uri) throws IOException {
        URL url = uri.toURL();
        URLConnection connection = url.openConnection();
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) connection;
        httpsURLConnection
                .setSSLSocketFactory(new TLSSocketConnectionFactory());
        return httpsURLConnection;
    }
 
    public static String get(String url, Map<String, String> paramMap) {
        List<String> list = new ArrayList<String>();
        if (null != paramMap && paramMap.size() > 0) {

帮你搜到的资料

报告相同问题？

关注问题

Myeclipse 使用jdk1.7 myeclipse
2013-04-13 11:58

回答 4 已采纳 jdk1.7没有List list=["list"];新特性。 http://docs.oracle.com/javase/7/docs/api/ 官网的api。
Delphi如何调用JDK1.7呢?
2017-01-31 07:20

回答 2 已采纳最终采用java swing制作jar包, 然后打成exe, 通过socket与delphi进行通讯.
tomcat7升级tomcat8(jdk1.7升级到jdk1.8)启动报错 eclipse 后端
2021-08-06 11:41

回答 1 已采纳嗯，看报错好像是配置文件少东西了，所以解析不成功，好像你的配置文件节点有问题。把你的applicationContext-dao.xml贴出来看看。或者排查一下，配置文件中xml格式是否正确，配置头（
JDK1.7 httpClient调用https导致异常 peer not authenticated
2022-03-23 10:32

开卷手杰克的博客项目使用的JDK1.7，测试环境调用的远程服务是http，而正式环境是https，导致上线后调用服务异常 javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated at sun.security.ssl.SSLSessionImpl....
编译jdk1.7时发生错误：Unsupported major.minor version 52.0
2018-11-06 12:06

回答 3 已采纳我已经知道了。还是谢谢了哈！！！。原因是apache-ant-1.10.3需要jdk8支持，我吧它改成apache-ant-1.7.1就行了（-_-）
centos7 安装jdk1.7问题 centos java
2017-11-08 02:24

回答 2 已采纳新建 CLASSPATH ，变量值 ``` .;%JAVA_HOME%\lib;%JAVA_HOME%\lib\dt.jar;%JAVA_HOME%\lib\tools.jar ``
jdk1.8与eclipse4.2兼容吗？ eclipse java
2022-02-11 21:51

回答 3 已采纳兼容，现在好多都用的jdk1.8
jdk1.7客户端使用httpclient调用jdk1.8服务端的https接口
2022-09-09 14:55

jack03934的博客 SSLContext、https、TLSv1.2、jdk1.7
JDK帮助文档怎么下载啊？？？ intellij-idea java
2021-03-05 14:44

回答 3 已采纳 Java 8 中文版 - 在线API中文手册 - 码工具最新Java 8 中文版 api手册,Java 8 中文版 chm在线版浏览,J
maven项目运行报错，按照网上方法要换jdk，jdk本身是1.7的，求解决方法！ java maven
2018-02-01 07:46

回答 6 已采纳最好贴上详细的步骤. 出现这种错误, 检查:两个地方, 第一个是运行环境里面的jdk环境; 第二是mvn中有没有设置jdk环境; 你可以试试, 如本不行的话, 把详细步骤贴上来
JDK安装，请问这该怎么办？ java
2022-08-14 22:56

回答 1 已采纳来个图片吧
jdk1.7访问https请求，jdk1.8访问https请求
2019-06-01 17:19

程序员阿军的博客怎么都不成功，要么成功后就是返回html代码，而不是json数据，但是用jdk1.8访问就是成功的，返回的也是json数据，由于项目搭建是jdk1.7，不能够因为https问题去升级jdk，因为会很麻烦，主要因为jdk1.7默认https 请求...
Android stiudio jdk版本报错了，如何解决？ android gradle java
2022-10-18 22:45

回答 4 已采纳我问了一下我借鉴的博主，发现他使用的jdk和我的是一样的不用换jdk主要是我使用的jdk是初学时候按照网上，书上步骤弄得有点乱然后我又重新整理了一下jdk的问题就成功解决了，之前在网盘下的jdk这次直
JDK1.7不支持Https TLS1.2协议 1.8及以上支持
2021-07-14 09:52

run_2005的博客 jdk1.7支持协议：SSLv2Hello 、SSLv3、TLSv1、TLSv1.1、TLSv1.2五种协议，但是默认协议是：TLSv1，因为https 请求是双向认证的也就是jdk的支持协议最低是TLSv1以上的版本，所有jdk1.7不能访问https请求。...
java1.7后台请求https接口问题记录
2022-07-30 16:25

BUG生产机的博客 java后台请求接口，测试没有问题，上正式出现报错，没截图，应该是connectionreset的报错，发现测试环境请求接口地址是http，正式环境接口是https，在java1.7的环境下不能通用，需修改代码。
没有解决我的问题, 去提问

问题事件

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
系统已结题 7月28日
关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
创建了问题 7月20日

悬赏问题

¥100 嵌入式系统基于PIC16F882和热敏电阻的数字温度计
¥15 cmd cl 0x000007b
¥20 BAPI_PR_CHANGE how to add account assignment information for service line
¥500 火焰左右视图、视差（基于双目相机）
¥100 set_link_state
¥15 虚幻5 UE美术毛发渲染
¥15 CVRP 图论物流运输优化
¥15 Tableau online 嵌入ppt失败
¥100 支付宝网页转账系统不识别账号
¥15 基于单片机的靶位控制系统

jdk1.7 HttpsURLConnection 如何能调用https接口？

2条回答 默认 最新

问题事件

悬赏问题

2条回答默认最新