javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher su 解决办法

一、发现问题

javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
	at sun.security.ssl.HandshakeContext.<init>(HandshakeContext.java:171)
	at sun.security.ssl.ClientHandshakeContext.<init>(ClientHandshakeContext.java:98)
	at sun.security.ssl.TransportContext.kickstart(TransportContext.java:220)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:387)
	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:436)
	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
	at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
	at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
	at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
	at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
	at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
	at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
	at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
	at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)

二、研究问题
jdk问题

三、解决问题
修改java.security 文件

Linux 默认路径/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.275.b01-1.el8_3.x86_64/jre/lib/security
Windows默认路径C:\Program Files\Java\jdk1.8.0_261\jre\lib\security

[root@iZ2ze30dygwd6yh7gu6lskZ security]# pwd
[root@iZ2ze30dygwd6yh7gu6lskZ security]# pwd
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.275.b01-1.el8_3.x86_64/jre/lib/security
[root@iZ2ze30dygwd6yh7gu6lskZ security]# ls
blacklisted.certs  cacerts  java.policy  java.security  nss.cfg  nss.fips.cfg  policy
[root@iZ2ze30dygwd6yh7gu6lskZ security]#

在这里插入图片描述
删除SSLv3, TLSv1, TLSv1.1
在这里插入图片描述
重启您的Java服务即可

如果仍然报错那就使用下面的方法
把 “TLSv1” 给改成null
把微信提供的方法中TLSv1改成null

SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(
                    sslContext,
//                    new String[]{"TLSv1"},    // 解决javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
                    null,
                    null,
                    new DefaultHostnameVerifier());

在这里插入图片描述
实在不行的话建议直接更换JDK。

点击: 更换JDK

# ssl # linux # java
Logo
华为开发者空间

华为开发者空间,是为全球开发者打造的专属开发空间,汇聚了华为优质开发资源及工具,致力于让每一位开发者拥有一台云主机,基于华为根生态开发、创新。

更多推荐

cover

GaussDB Ustore存储引擎解读

avatar 华为开发者空间

如何在鲲鹏平台上快速上手应用开发?鲲鹏DevKit给你答案

鲲鹏DevKit针对不同的业务场景,提供了应用迁移和系统迁移两套解决方案,帮忙开发者快速从X86平台迁移至鲲鹏平台,通过详细的迁移建议降低迁移门槛,可视化展示迁移进度,打消鲲鹏平台开发的顾虑。

avatar 华为开发者空间
cover

AI大模型高效开发神器来了 ,解读ModelArts 8大能力

avatar 华为开发者空间