我一直在寻找一种使用Apache HttpClient时更改TLS版本的方法,并查看提供的许多示例,使用的版本始终为TLSv1.2而不是TLSv1.1。
//Set the https use TLSv1.1
private static Registry<ConnectionSocketFactory> getRegistry() throws KeyManagementException, NoSuchAlgorithmException {
SSLContext sslContext = SSLContexts.custom().build();
SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext,
new String[]{"TLSv1.1"}, null, SSLConnectionSocketFactory.getDefaultHostnameVerifier());
return RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", PlainConnectionSocketFactory.getSocketFactory())
.register("https", sslConnectionSocketFactory)
.build();
}
public static void main(String... args) {
try {
//Set the https use TLSv1.1
PoolingHttpClientConnectionManager clientConnectionManager = new PoolingHttpClientConnectionManager(getRegistry());
clientConnectionManager.setMaxTotal(100);
clientConnectionManager.setDefaultMaxPerRoute(20);
HttpClient client = HttpClients.custom().setConnectionManager(clientConnectionManager).build();
} catch (KeyManagementException | NoSuchAlgorithmException e) {
e.printStackTrace();
}
}
但是在测试之后,当我发送请求时,我的TLS版本仍然是TLSv1.2 (TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384),而不是TLSv1.1。
谢谢。