如何强制Axis Client使用TLSv1.2协议 [英] How to enforce an Axis Client to use TLSv1.2 protocol
问题描述
与我们的应用程序集成的第三方最近对其安全级别协议进行了更改.简而言之,My Axis客户端现在应该使用TLSv1.1或TLSv1.2发送呼叫. 我看过其他与此相关的帖子,其中包含一些好主意:
A third party our application is integrate with has recently made changes in their security level protocols. In short, My Axis client should now send calls using TLSv1.1 or TLSv1.2. I have seen other posts regarding this, with some good ideas:
- here
- here.
在代码中进行了这些更改之后,我再次触发了调用, 我使用了一个截屏工具来监视已发送的程序包,但我仍然在SSL层中看到所使用的协议是TLSv1.
After making those changes in code, I have triggered the calls again, I have used a snipping tool to monitor the sent package, and I still see in the SSL layer that the protocol being used is TLSv1.
我在做什么错了?
这是我设置新SocketSecureFactory的方法:
this is how I set my new SocketSecureFactory:
AxisProperties.setProperty("axis.socketSecureFactory", MyTLSSocketSecureFactory.class.getName());
而MyTLSSocketSecureFactory是:
whereas MyTLSSocketSecureFactory is:
public class MyTLSSocketSecureFactory extends JSSESocketFactory {
public MyTLSSocketSecureFactory(Hashtable attributes) {
super(attributes);
}
@Override
public Socket create(String host,int port, StringBuffer otherHeaders,BooleanHolder useFullURL)
throws Exception{
Socket s = super.create(host, port, otherHeaders, useFullURL);
((SSLSocket)s).setEnabledProtocols(new String[] {"TLSv1.1", "TLSv1.2"});
return s;
}
}
非常感谢您的任何评论, 谢谢.
would really appreciate any comments, thanks.
推荐答案
在MyTLSSocketSecureFactory类中,您需要创建自己的SSLContext实例,然后从上下文中获取sslFactory.
In your MyTLSSocketSecureFactory class, you need create your own SSLContext instance and then get the sslFactory from the context.
重写initFactory()方法,诸如此类:
Override the initFactory() method, and somethings like:
initFactory() {
SSLContext context = SSLContext.getInstance("TLSv1.2");
context.init(null, null, null);
sslFactory = context.getSocketFactory();
}
这篇关于如何强制Axis Client使用TLSv1.2协议的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!