HttpClient 4.4.1不支持TLS_DHE_RSA_WITH_AES_256_CBC_SHA

时间:2015-08-07 10:37:59

标签: java ssl apache-httpclient-4.x

我想连接到页面并获得回复。我在服务器上的证书与信任库存在。其他页面工作很好,但不是host = ebok.duon.pl

我使用Java 7和HttpClient:

    <dependency>
        <groupId>org.apache.httpcomponents</groupId>
        <artifactId>httpclient</artifactId>
        <version>4.4.1</version>
    </dependency>

例外:

java.lang.IllegalArgumentException: Cannot support TLS_DHE_RSA_WITH_AES_256_CBC_SHA with currently installed providers
at sun.security.ssl.CipherSuiteList.<init>(CipherSuiteList.java:92)
at sun.security.ssl.SSLSocketImpl.setEnabledCipherSuites(SSLSocketImpl.java:2374)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:384)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.upgrade(DefaultHttpClientConnectionOperator.java:185)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.upgrade(PoolingHttpClientConnectionManager.java:369)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:415)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:117)

我在Java 8上查看但是是一样的。

一些代码:

    HttpClientContext context = HttpClientContext.create();
    CookieStore cookieStore = new BasicCookieStore();
    context.setCookieStore(cookieStore);

    HttpHost targetHost = new HttpHost(host, 443, "https");

    try {
        SSLContext sslContext = SSLContexts
                .custom()
                .useTLS()
                .build();

        SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(
                sslContext,
                new String[]{"TLSv1", "TLSv1.0", "TLSv1.1", "TLSv1.2", "SSLv3"},
                new String[]{"TLS_DHE_RSA_WITH_AES_256_CBC_SHA"},
                null);

        RequestConfig requestConfig = RequestConfig
                .custom()
                .setRedirectsEnabled(false)
                .setConnectTimeout(60000)
                .setConnectionRequestTimeout(10000)
                .setSocketTimeout((60000)
                .build();


        this.httpClient = HttpClientBuilder
                .create()
                .setUserAgent("Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.111 Safari/537.36")
                .setDefaultCookieStore(cookieStore)
                .setDefaultRequestConfig(requestConfig)
                .setSslcontext(sslContext)
                .setSSLSocketFactory(sslConnectionSocketFactory)
                .build();


    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    } catch (KeyManagementException e) {
        e.printStackTrace();
    }

我该怎样修理/周围?

1 个答案:

答案 0 :(得分:2)

这不是HttpClient的问题,而是在

下运行的JRE

TLS_DHE_RSA_WITH_ AES_256 _CBC_SHA&lt;这表明服务器正在尝试使用AES-256 / CBC作为密码机制进行协商。

如果您运行的是标准Oracle JRE / JDK,则需要安装JCE策略文件以启用大于AES 192位的加密强度。

相关问题
最新问题