How to enable SSL 3 in Java

前端未结

关注

 4  828

清歌不尽 2020-11-29 12:33

Since Java 8 Update 31 the SSL 3 protocol is disabled by default due to security flaws in the SSL Protocol (see POODLE attack).

Even if not recommended, how can it b

4条回答

猫巷女王i (楼主)

2020-11-29 12:39

If you must re-enable SSLv3.0 on either 8u31, 7u75, 6u91 all you have to do is comment out the following line in JRE_HOME/lib/security/java.security:

 jdk.tls.disabledAlgorithms=SSLv3

Code:

import javax.net.ssl.*;

public class SocketProtocols {

  public static void main(String[] args) throws Exception {

    SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
    SSLSocket soc = (SSLSocket) factory.createSocket();

    // Returns the names of the protocol versions which are
    // currently enabled for use on this connection.
    String[] protocols = soc.getEnabledProtocols();

    System.out.println("Enabled protocols:");
    for (String s : protocols) {
      System.out.println(s);
    }

  }
}

Output:

Before enabling SSL 3.0

$ /jdk1.8.0_31/bin/java SocketProtocols
Enabled protocols:
TLSv1
TLSv1.1
TLSv1.2

After enabling SSL 3.0

$ /jdk1.8.0_31/bin/java SocketProtocols
Enabled protocols:
SSLv3
TLSv1
TLSv1.1
TLSv1.2

credits/source: http://javablogx.blogspot.de/2015/02/enabling-ssl-v30-in-java-8.html

0 讨论(0)

查看其它4个回答