如果服务器从SSL切换到TLS，是否会有任何客户端（Java代码）更改

Question

我有一个客户端代码连接到配置了SSL的服务器。现在服务器正在从SSL切换到TLS以获得更好的安全性，完全禁用SSL。客户端是否会有任何代码级别的更改？

这是我的代码：

public String callService(String _data, String _signature) {
    SSLContext sslcontext = null;
            String response = null;
    try {
        sslcontext = SSLContext.getInstance("SSL");

        sslcontext.init(new KeyManager[0],
                new TrustManager[] { new DummyTrustManager() },
                new SecureRandom());
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace(System.err);
    } catch (KeyManagementException e) {
        e.printStackTrace(System.err);
    }

    SSLSocketFactory factory = sslcontext.getSocketFactory();

    String data = _data;
    String signature = _signature;
    String urlParameters = "data=";
    try {

        urlParameters = urlParameters + URLEncoder.encode(data, "UTF-8")
                + "&signature=" + URLEncoder.encode(signature, "UTF-8");
    } catch (Exception e) {

        e.printStackTrace();

    }

    try {
        URL url;
        HttpsURLConnection connection;
        InputStream is = null;

        url = new URL("https://**.**.**.**/TLS/Inquiry");

        connection = (HttpsURLConnection) url.openConnection();

        connection.setRequestMethod("POST");
        connection.setRequestProperty("Content-Type",
                "application/x-www-form-urlencoded");

        connection.setRequestProperty("Content-Length",
                "" + Integer.toString(urlParameters.getBytes().length));
        connection.setRequestProperty("Content-Language", "en-US");

        connection.setUseCaches(false);
        connection.setDoInput(true);
        connection.setDoOutput(true);

        connection.setSSLSocketFactory(factory);
        connection.setHostnameVerifier(new DummyHostnameVerifier());

        OutputStream os = connection.getOutputStream();
        OutputStreamWriter osw = new OutputStreamWriter(os);
        osw.write(urlParameters);
        osw.flush();
        osw.close();

        is = connection.getInputStream();

        BufferedReader in = new BufferedReader(new InputStreamReader(is));

        response = in.readLine();

        System.out.println("Output " + response);
        is.close();
        in.close();

    } catch(ConnectException connExp) {
                connExp.printStackTrace();
            } catch (Exception e) {
        e.printStackTrace();
    }

            return response;        
}

Answer 1

根据客户端使用的java版本，可能会有影响。不同版本的Java将具有不同的默认协议。请参阅以下链接以参考Java 8,7和6的默认值。

https://blogs.oracle.com/java-platform-group/entry/diagnosing_tls_ssl_and_https

如果要在服务器上禁用客户端正在使用的默认版本的协议版本，则客户端将开始失败。这可以通过更改默认协议来解决 - 使用系统属性“https.protocols”。