Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
1.2k views
in Technique[技术] by (71.8m points)

java - How to set the list of ciphers and protocols to be used for sockets created by using HttpsURLConnection?

The normal way to get an SSLSocketFactory would be to initialize a new SSLContext with a TrustManager, KeyManager and SecureRandom and use the getSocketFactory() method. However, this does not allow me to enable the required cipher suites or protocols.

The only configuration that HttpsURLConnection permits that would allow such a change is by setting its default SSLSocketFactory. I can create a class that extends SSLSocketFactory and override the getDefaultCipherSuites() method and wrap the sockets created by createSocket() to have the required ciphers and protocols set. However, this method does not allow me to initialize a TrustManager for the connection?

Is there a method I can do both - set cipher suites and protocols and initialize a trust manager?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

Take the SSLSocketFactory obtained by SSLContext.getSocketFactory() and wrap it in a custom subclass of SSLSocketFactory, which delegates to the one obtained from SSLContext, but in createSocket() also sets the required cipher.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

2.1m questions

2.1m answers

60 comments

57.0k users

...