All geek questions in one place

How to use TLSV1 or SSLV3 for the first handshake (Client Hello) in Java?

When I execute the following code, why the first confirmation is SSLv2, not TLSv1 or SSLv3?

How to use TLSV1 or SSLV3 for the first handshake in Java?

String host = "www.google.com"; String url = "/adsense/?sourceid=aso&subid=ZH_CN-ET-AS-ADSBY6&medium=link&hl=zh_CN"; SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(new KeyManager[0], new TrustManager[] {new DefaultTrustManager()}, new SecureRandom()); SSLContext.setDefault(ctx); SSLSocketFactory factory = ctx.getSocketFactory(); Socket socket = factory.createSocket(host, 443); BufferedWriter out = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream())); BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream())); out.write("GET " + url + " HTTP/1.0"); out.flush(); out.close(); in.close();
+6
source share
3 answers

For TLSv1: Starting jvm client using

 -Dhttps.protocols="TLSv1"

or using

 System.setProperty("https.protocols", "TLSv1");

solved the problem for me.

+17
source

Use SSLSocket :

 SSLSocket socket = factory.createSocket(host, 443); String[] newProtocols = {"TLSv1"}; socket.setEnabledProtocols(newProtocols);
+8
source

What version of java are you using? Also how do you say that uses SSLv2? By default, java 1.6 will use TLSv1. There is a trick here, if you enable debug ssl, you can use the SSLv2Hello format, but if you close the "vesion protocol" inside the recording layer will be TLSv1 (1.e version of the wrapper information is in SSLv2 format). An analysis of the packet level of a TCP layer using wirehark should confirm this. If you want to start in TLSv1 format, set only https.protocols = TLSv1 (this can affect all outgoing ssl calls) or install on this particular socket as described above. Note that even if you select five comma-separated lists (e.g. https.protocols = SSLv3, TLSv1), it will start with TLSv1.

0
source

Source: https://habr.com/ru/post/890743/

More articles:


All Articles