Java:在https.protocols中设置TLSv1.2不起作用

时间:2016-03-16 09:24:45

标签: java paypal tls1.2

我在tomcat中使用Java 7并试图对paypal进行API调用,只支持TLSv1.2。由于java 7默认情况下不使用TLSv1.2,因此我在某处读取并在-Dhttps.protocols=TLSv1.2中的命令行参数中添加catalina.sh

但它仍然提供握手失败异常和调试信息,提供以下文字

%% No cached client session
*** ClientHello, TLSv1
RandomCookie:  GMT: 1441341367 bytes = { 196, 47, 204, 27, 84, 46, 183, 9, 117, 144, 240, 242, 25, 235, 124, 81, 157, 216, 189, 225, 53, 58, 41, 88, 47, 68, 172, 189 }
Session ID:  {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension server_name, server_name: [host_name: api-3t.sandbox.paypal.com]
***
http-bio-8081-exec-10, WRITE: TLSv1 Handshake, length = 197
http-bio-8081-exec-10, READ: TLSv1 Alert, length = 2
http-bio-8081-exec-10, RECV TLSv1 ALERT:  fatal, handshake_failure
http-bio-8081-exec-10, called closeSocket()
http-bio-8081-exec-10, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
http-bio-8081-exec-10, called close()
http-bio-8081-exec-10, called closeInternal(true)
http-bio-8081-exec-10, called close()
http-bio-8081-exec-10, called closeInternal(true)
http-bio-8081-exec-10, called close()
http-bio-8081-exec-10, called closeInternal(true)

使用org.apache.commons.httpclient.HttpClient.executeMethod()拨打电话。为什么api通话仍无效?

0 个答案:

没有答案