天天看点
返回

cas登录换用 jdk1.6 报错handshake_failure握手失败

cas登录换用 jdk1.6 报错handshake_failure握手失败

用cas代码搭建demo,jdk版本为1.6,结果报错javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure。

总结百度搜索答案:

  1. 替换jdk的jar包,即jre\lib\security的local_policy.jar,US_export_policy.jar文件替换掉(jre和jdk中的jre均替换掉),下载地址

    http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html;

  2. 设置参数System.setProperty(“https.protocols”, “TLSv1.2,TLSv1.1,SSLv3”);

试用过第一种,没有解决问题;开始尝试第二种,首先要找到参数添加地址,观察报错:

cas登录换用 jdk1.6 报错handshake_failure握手失败

标明cas.client.util.Commonutils.getResponseFromServer 报错,所以在建立客户端与服务端建立连接时要指定jdk1.6的证书类型,经查证:

cas登录换用 jdk1.6 报错handshake_failure握手失败

故代码设置为 System.setProperty(“https.protocols”, “TLSv1,SSLv3”);即

public static String getResponseFromServer(final URL constructedUrl, final HostnameVerifier hostnameVerifier, final String encoding) {
    	URLConnection conn = null;
        try {
        	//加入支持证书类型
            System.setProperty("https.protocols", "TLSv1,SSLv3");
            conn = constructedUrl.openConnection();
            if (conn instanceof HttpsURLConnection) {
                ((HttpsURLConnection)conn).setHostnameVerifier(hostnameVerifier);
            }
            final BufferedReader in;
            if (CommonUtils.isEmpty(encoding)) {
                in = new BufferedReader(new InputStreamReader(conn.getInputStream()));
            } else {
                in = new BufferedReader(new InputStreamReader(conn.getInputStream(), encoding));
            }

            String line;
            final StringBuilder stringBuffer = new StringBuilder(255);

            while ((line = in.readLine()) != null) {
                stringBuffer.append(line);
                stringBuffer.append("\n");
            }
            return stringBuffer.toString();
        } catch (final Exception e) {
            LOG.error(e.getMessage(), e);
            throw new RuntimeException(e);
        } finally {
            if (conn != null && conn instanceof HttpURLConnection) {
                ((HttpURLConnection)conn).disconnect();
            }
        }

}

重启项目,登录成功。

jdk证书类型部分参考https://blog.csdn.net/tawlang/article/details/80655460;

做一个备忘录,若有不准确还望指正。

cas 握手失败 handshake_failure
上一篇: three.js制作星空
下一篇: 带你走进数仓大集群内幕丨详解关于作业hang及残留问题定位

继续阅读