WebSphere 5.0 中针对特定 URL/Certificate 的 HTTPS POST 请求失败
HTTPS POST request failing in WebSphere 5.0 for a particular URL/Certificate
我正在尝试使用 WebSphere 5.1 通过 HTTPS 连接到 RESTful Web 服务端点。
endpoint = new URL("https://restful/web/service");
HttpURLConnection connection = (HttpURLConnection) endpoint.openConnection();
connection.setRequestMethod("POST");
if (connection.getResponseCode() == 200) {
//Do something
} else {
//Show error
}
我在 getResponseCode() 上收到以下异常
[1/22/15 9:16:28:306 GMT] 9341a3d SystemErr R javax.net.ssl.SSLProtocolException: end of file
[1/22/15 9:16:28:306 GMT] 9341a3d SystemErr R at com.ibm.jsse.bg.a(Unknown Source)
[1/22/15 9:16:28:306 GMT] 9341a3d SystemErr R at com.ibm.jsse.bg.startHandshake(Unknown Source)
[1/22/15 9:16:28:306 GMT] 9341a3d SystemErr R at com.ibm.net.ssl.www.protocol.https.b.n(Unknown Source)
[1/22/15 9:16:28:306 GMT] 9341a3d SystemErr R at com.ibm.net.ssl.www.protocol.https.p.connect(Unknown Source)
[1/22/15 9:16:28:306 GMT] 9341a3d SystemErr R at com.ibm.net.ssl.www.protocol.http.bw.getInputStream(Unknown Source)
[1/22/15 9:16:28:307 GMT] 9341a3d SystemErr R at com.ibm.net.ssl.www.protocol.http.bw.getHeaderField(Unknown Source)
[1/22/15 9:16:28:307 GMT] 9341a3d SystemErr R at com.ibm.net.ssl.www.protocol.http.bw.getResponseCode(Unknown Source)
[1/22/15 9:16:28:307 GMT] 9341a3d SystemErr R at com.ibm.net.ssl.internal.www.protocol.https.HttpsURLConnection.getResponseCode(Unknown Source)
如果我在 WebLogic 上尝试相同的代码,它工作正常。最重要的是,对于其他端点(例如 https://googleapis),它在 WebLogic 和 WebSphere 上都能完美运行。
我已经将证书导入信任库,但似乎没有什么不同。有人可以就问题所在提出建议吗?
终于找到解决办法了。看起来 Websphere 默认使用 SSLv3 进行 SSL 握手而不是 TLS。强制它使用 TLS 就可以了。
System.setProperty("https.protocols", "TLSv1");
我正在尝试使用 WebSphere 5.1 通过 HTTPS 连接到 RESTful Web 服务端点。
endpoint = new URL("https://restful/web/service");
HttpURLConnection connection = (HttpURLConnection) endpoint.openConnection();
connection.setRequestMethod("POST");
if (connection.getResponseCode() == 200) {
//Do something
} else {
//Show error
}
我在 getResponseCode() 上收到以下异常
[1/22/15 9:16:28:306 GMT] 9341a3d SystemErr R javax.net.ssl.SSLProtocolException: end of file
[1/22/15 9:16:28:306 GMT] 9341a3d SystemErr R at com.ibm.jsse.bg.a(Unknown Source)
[1/22/15 9:16:28:306 GMT] 9341a3d SystemErr R at com.ibm.jsse.bg.startHandshake(Unknown Source)
[1/22/15 9:16:28:306 GMT] 9341a3d SystemErr R at com.ibm.net.ssl.www.protocol.https.b.n(Unknown Source)
[1/22/15 9:16:28:306 GMT] 9341a3d SystemErr R at com.ibm.net.ssl.www.protocol.https.p.connect(Unknown Source)
[1/22/15 9:16:28:306 GMT] 9341a3d SystemErr R at com.ibm.net.ssl.www.protocol.http.bw.getInputStream(Unknown Source)
[1/22/15 9:16:28:307 GMT] 9341a3d SystemErr R at com.ibm.net.ssl.www.protocol.http.bw.getHeaderField(Unknown Source)
[1/22/15 9:16:28:307 GMT] 9341a3d SystemErr R at com.ibm.net.ssl.www.protocol.http.bw.getResponseCode(Unknown Source)
[1/22/15 9:16:28:307 GMT] 9341a3d SystemErr R at com.ibm.net.ssl.internal.www.protocol.https.HttpsURLConnection.getResponseCode(Unknown Source)
如果我在 WebLogic 上尝试相同的代码,它工作正常。最重要的是,对于其他端点(例如 https://googleapis),它在 WebLogic 和 WebSphere 上都能完美运行。
我已经将证书导入信任库,但似乎没有什么不同。有人可以就问题所在提出建议吗?
终于找到解决办法了。看起来 Websphere 默认使用 SSLv3 进行 SSL 握手而不是 TLS。强制它使用 TLS 就可以了。
System.setProperty("https.protocols", "TLSv1");