使用Dropbox Java SDK for API v2时获取SSLHandshakeException [英] Getting SSLHandshakeException when using Dropbox Java SDK for API v2
本文介绍了使用Dropbox Java SDK for API v2时获取SSLHandshakeException的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
在 XPages 应用程序中,我想使用 Dropbox Java SDK(2.1.2)for API v2 来获取有关我的Dropbox帐户的信息。以下代码用于检索相应的帐户对象:
String atoken =****;
DbxRequestConfig rc = new DbxRequestConfig(****);
DbxClientV2 client = new DbxClientV2(rc,atoken);
DbxUserUsersRequests users = client.users();
FullAccount acc = users.getCurrentAccount(); //此处引发的异常
最后一行引发以下异常:
com.dropbox.core.NetworkIOException:com.dropbox.core.DbxRequestUtil.startPostRaw(DbxRequestUtil.java:240)$ b没有合适的协议
$ b ...
引起:javax.net.ssl.SSLHandshakeException:在com.ibm.jsse2.kb.c(kb.java:347)没有合适的协议
.. 。
从堆栈跟踪中我得出结论, IBMJSSE2 是以前的安全提供程序处理SSL握手。所以我在非Domino JVM(JRE7)中运行了上面的代码,它使用了 SunJSSE 安全提供程序,它没有任何问题。因此问题必须与IBM的Domino JVM有关,但我无法弄清楚如何修复它。
任何人都可以帮我解决这个问题或提供解决方案的提示?
其他信息:
Domino服务器的版本: 9.0.1 FP4 HF70
Java运行时版本:pwa6460sr16fp4-20150414_01(SR16 FP4)[22B8:0002- 1E88]
JVM版本: JRE 1.6.0 IBM J9 2.4 Windows 7 amd64-64 jvmwa6460sr16fp4-20150406_242976(已启用JIT,已启用AOT)J9VM - 20150406_242976 JIT - r9_20150402_88984 GC - GA24_Java6_SR16_20150406_1410_B242976
Domino JVM中已安装无限制的JCE策略文件。
IBMJSSE2 安全提供程序的属性:
Alg.Alias.TrustManagerFactory.IbmPKIX = PKIX
Alg.Alias.TrustManagerFactory.X.509 = PKIX
Alg.Alias.TrustManagerFactory.X509 = PKIX
KeyManagerFactory.IbmX509 = com.ibm.jsse2.rc $ a_
KeyManagerFactory.NewIbmX509 = com.ibm.jsse2.rc $ b_
Provider.id className = com.ibm.jsse2.IBMJSSEProvider2
Provider.id info = IBM JSSE provider2(实现IbmX509密钥/信任工厂,SSLv3,TLSv1)
Provider.id name = IBMJSSE2
Provider.id version = 1.6
SSLContext.Default = com。 ibm.jsse2.tc
SSLContext.SSL = com.ibm.jsse2.uc
SSLContext.SSL_TLS = com.ibm.jsse2.vc
SSLContext.SSL_TLSv2 = com.ibm.jsse2.wc
SSLContext.TLS = com.ibm.jsse2.yc
SSLContext.TLSv1 = com.ibm.jsse2.zc
SSLContext.TLSv1.1 = com.ibm.jsse2.ad
SSLContext.TLSv1.2 = com.ibm.jsse2.bd
TrustManagerFactory.IbmX509 = com.ibm.jsse2.ed $ b_
TrustManagerFactory.PKIX = com.ibm.jsse2.ed $ a_
异常的完整堆栈跟踪:
com.dropbox.core.NetworkIOException:com.dropbox.core.DbxRequestUtil.startPostRaw(DbxRequestUtil.java:240)中没有合适的协议
at com.dropbox.core.v2.DbxRawClientV2 $ 1.execute(DbxRawClientV2.java:100)
at com.dropbox.core.v2.DbxRawClientV2.executeRetriable(DbxRawClientV2.java:256)
at com.dropbox.core.v2.DbxRawClientV2.rpcStyle(DbxRawClientV2.java:97)
at com.dropbox.core.v2.users.DbxUserUsersRequests.getCurrentAccount(DbxUserUsersRequests.java:120)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)
at java.lang.reflect.Method.invoke(Method.java:611)
at com.ibm.jscript.types.JavaAccessObject.call(JavaAccessObject.java:321)
at com。 ibm.jscript.types.FBSObject.call(FBSObject.java:161)
at com.ibm.jscript.ASTTree.ASTCall.interpret(ASTCall.java:197)
at com.ibm.jscript。 ASTTree.ASTAssign.interpret(ASTAssign.java:91)
at com.ibm.jscript.ASTTree.ASTBlock.interpret(ASTB lock.java:100)
at com.ibm.jscript.ASTTree.ASTTry.interpret(ASTTry.java:109)
at com.ibm.jscript.ASTTree.ASTBlock.interpret(ASTBlock.java: 100)
at com.ibm.jscript.ASTTree.ASTTry.interpret(ASTTry.java:109)
at com.ibm.jscript.std.FunctionObject._executeFunction(FunctionObject.java:261)
at com.ibm.jscript.std.FunctionObject.executeFunction(FunctionObject.java:185)
at com.ibm.jscript.std.FunctionObject.call(FunctionObject.java:171)
at com .ibm.jscript.types.FBSObject.call(FBSObject.java:161)
at com.ibm.jscript.ASTTree.ASTCall.interpret(ASTCall.java:197)
at com.ibm.jscript .ASTTree.ASTAssign.interpret(ASTAssign.java:91)
at com.ibm.jscript.ASTTree.ASTBlock.interpret(ASTBlock.java:100)
at com.ibm.jscript.ASTTree.ASTIf .interpret(ASTIf.java:85)
at com.ibm.jscript.ASTTree.ASTProgram.interpret(ASTProgram.java:119)
at com.ibm.jscript.types.FBSGlobalObject $ GlobalMethod.call (FBSGlobalObject.java:280)com.ibm.jscript.ty上的
pes.FBSObject.call(FBSObject.java:161)
at com.ibm.jscript.types.FBSGlobalObject $ GlobalMethod.call(FBSGlobalObject.java:219)
at com.ibm.jscript.ASTTree。 ASTCall.interpret(ASTCall.java:197)
at com.ibm.jscript.ASTTree.ASTBlock.interpret(ASTBlock.java:100)
at com.ibm.jscript.ASTTree.ASTIf.interpret( ASTIf.java:85)
at com.ibm.jscript.ASTTree.ASTBlock.interpret(ASTBlock.java:100)
at com.ibm.jscript.ASTTree.ASTTry.interpret(ASTTry.java: 109)
at com.ibm.jscript.std.FunctionObject._executeFunction(FunctionObject.java:261)
at com.ibm.jscript.std.FunctionObject.executeFunction(FunctionObject.java:185)
at com.ibm.jscript.std.FunctionObject.call(FunctionObject.java:171)
at com.ibm.jscript.std.FunctionPrototype $ FunctionMethod.call(FunctionPrototype.java:169)
at com.ibm.jscript.types.FBSObject.call(FBSObject.java:161)
at com.ibm.jscript.ASTTree.ASTCall.interpret(ASTCall.java:197)
at com.ibm .jscript.ASTTree.ASTAssign.interpret( ASTAssign.java:91)
at com.ibm.jscript.ASTTree.ASTBlock.interpret(ASTBlock.java:100)
at com.ibm.jscript.ASTTree.ASTIf.interpret(ASTIf.java: 85)
at com.ibm.jscript.ASTTree.ASTBlock.interpret(ASTBlock.java:100)
at com.ibm.jscript.ASTTree.ASTTry.interpret(ASTTry.java:109)
at com.ibm.jscript.ASTTree.ASTProgram.interpret(ASTProgram.java:119)
at com.ibm.jscript.ASTTree.ASTProgram.interpretEx(ASTProgram.java:139)
at com .ibm.jscript.JSExpression._interpretExpression(JSExpression.java:435)
at com.ibm.jscript.JSExpression.access $ 1(JSExpression.java:424)
at com.ibm.jscript.JSExpression $ 2 .run(JSExpression.java:414)
at java.security.AccessController.doPrivileged(AccessController.java:448)
at com.ibm.jscript.JSExpression.interpretExpression(JSExpression.java:410)
at com.ibm.jscript.JSExpression.evaluateValue(JSExpression.java:251)
at com.ibm.jscript.JSExpression.evaluateValue(JSExpression.java:234)
at com.ibm。 xsp.javas cript.JavaScriptInterpreter.interpret(JavaScriptInterpreter.java:222)
at com.ibm.xsp.binding.javascript.JavaScriptMethodBinding.invoke(JavaScriptMethodBinding.java:111)
at com.ibm.xsp.component。 UIViewRootEx.invokePhaseMethodBinding(UIViewRootEx.java:1735)
at com.ibm.xsp.controller.FacesControllerImpl.invokePhaseMethodBinding(FacesControllerImpl.java:450)
at com.ibm.xsp.controller.FacesControllerImpl.access $ 0 (FacesControllerImpl.java:444)
at com.ibm.xsp.controller.FacesControllerImpl $ ViewPhaseListener.afterPhase(FacesControllerImpl.java:512)
at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl .java:218)
at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:120)
at com.ibm.xsp.controller.FacesControllerImpl.render(FacesControllerImpl.java:270 )com.ibm.xsp.webapp.FacesServlet.serviceView(FacesServlet.java:261)
com.ibm.xsp.webapp.FacesServletEx.serviceView(FacesServletEx.java:157)
在com.ibm.xsp.we bapp.FacesServlet.service(FacesServlet.java:160)
at com.ibm.xsp.webapp.FacesServletEx.service(FacesServletEx.java:138)
at com.ibm.xsp.webapp.DesignerFacesServlet。 service(DesignerFacesServlet.java:103)
at com.ibm.designer.runtime.domino.adapter.ComponentModule.invokeServlet(ComponentModule.java:576)
at com.ibm.domino.xsp.module。 nsf.NSFComponentModule.invokeServlet(NSFComponentModule.java:1335)
at com.ibm.designer.runtime.domino.adapter.ComponentModule $ AdapterInvoker.invokeServlet(ComponentModule.java:853)
at com.ibm。 designer.runtime.domino.adapter.ComponentModule $ ServletInvoker.doService(ComponentModule.java:796)
at com.ibm.designer.runtime.domino.adapter.ComponentModule.doService(ComponentModule.java:565)
at com.ibm.domino.xsp.module.nsf.NSFComponentModule.doService(NSFComponentModule.java:1319)
at com.ibm.domino.xsp.module.nsf.NSFService.doServiceInternal(NSFService.java:662 )com.ibm.domino.xsp.module.nsf.NSFService.doServ上的
ice(NSFService.java:482)
at com.ibm.designer.runtime.domino.adapter.LCDEnvironment.doService(LCDEnvironment.java:357)
at com.ibm.designer.runtime.domino。 adapter.LCDEnvironment.service(LCDEnvironment.java:313)
at com.ibm.domino.xsp.bridge.http.engine.XspCmdManager.service(XspCmdManager.java:272)
引起:javax。 net.ssl.SSLHandshakeException:com.ibm.jsse2.kb.c(kb.java:347)上没有合适的协议
com.ibm.jsse2.SSLSocketImpl.i上的
(SSLSocketImpl.java:363 )com.ibm.jsse2.SSLSocketImpl.h(SSLSocketImpl.java:650)
com.ibm.jsse2.SSLSocketImpl.a(SSLSocketImpl.java:669)
at com。 ibm.jsse2.SSLSocketImpl.startHandshake(SSLSocketImpl.java:95)
at com.ibm.net.ssl.www2.protocol.https.c.afterConnect(c.java:162)
at com。 ibm.net.ssl.www2.protocol.https.d.connect(d.java:36)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1044)
at com.ibm.net.ssl.www2.protocol.https.b.getOutputStream(b.ja va:53)
at com.dropbox.core.http.StandardHttpRequestor.getOutputStream(StandardHttpRequestor.java:123)
at com.dropbox.core.http.StandardHttpRequestor.access $ 000(StandardHttpRequestor.java:28 )
at com.dropbox.core.http.StandardHttpRequestor $ Uploader。(StandardHttpRequestor.java:133)
at com.dropbox.core.http.StandardHttpRequestor.startPost(StandardHttpRequestor.java:72)
at com.dropbox.core.http.StandardHttpRequestor.startPost(StandardHttpRequestor.java:28)
at com.dropbox.core.DbxRequestUtil.startPostRaw(DbxRequestUtil.java:232)
...
更新:设定后 javax.net.debug = ssl:handshake:data (由Jigar Joshi建议)错误日志和跟踪日志提供以下附加信息:
主题为EMAILADDRESS = ****,CN = ****,O = ****,L = ****,ST = ****,C = **的证书**,由CN = ****发出,OU = ****,O = ****,C = ****,不受信任。验证失败,错误3659 。
CommonBaseEventLogRecord:sourceClassName = com.ibm.domino.napi.ssl.DominoX509TrustManager
CommonBaseEventLogRecord:sourceMethodName = checkServerTrusted
< sourcecomponentid component =Expeditor 6.2componentidtype =ProductNameinstanceid =location =****locationtype =Hostnamesubcomponent =com.ibm。 domino.napi.sslthreadid =5componenttype =http://www.w3.org/2001/XMLSchema-instance>
不受信任的证书是我自己的,即使所有证书都是并将私钥导入我的密钥库。密钥库在非Domino JVM中工作的事实允许我得出结论,密钥库文件应该是有效的。但是,在Domino JVM中运行代码时,证书仍然不受信任。
更新:调试输出的核心部分( javax.net.debug = ssl:handshake )是
SSLContextImpl:使用X509ExtendedKeyManager com.ibm.jsse2.hd
SSLContextImpl:使用X509TrustManager com.ibm.jsse2.pc
IBMJSSE2将忽略com.ibm.jsse2.overrideDefaultProtocol设置为无法识别的值TLSv1
已安装的提供程序= IBMJSSE2,IBMJCE,IBMJGSSProvider,IBMCertPath,IBMSASL,IBMXMLCRYPTO,IBMXMLEnc,策略,IBMSPNEGO
JsseJCE:使用提供程序IBMJCE版本1.2中的SecureRandom IBMSecureRandom
触发器SecureRandom播种
完成播种SecureRandom
IBMJSSE2将启用CBC保护
IBMJSSE2在初始ClientHello上发送SCSV Cipher Suite
JsseJCE:使用来自提供者IBMJCE版本1.2的SecureRandom IBMSecureRandom
IBMJSSE2将允许RFC 5746重新协商p er com.ibm.jsse2.renegotiate设置为none或默认
IBMJSSE2在初始握手期间不需要重新协商指示符,每个com.ibm.jsse2.renegotiation.indicator设置为OPTIONAL或默认值为
IBMJSSE2将不执行根据com.ibm.jsse2.renegotiation.peer.cert.check重新协商期间对等证书检查的身份检查设置为OFF或默认
IBMJSSE2将不允许在重新协商期间根据jdk.tls.allowUnsafeServerCertChange设置为不安全的服务器证书更改FALSE或默认
初始握手:true
JsseJCE:使用来自提供者IBMJCE版本1.2的KeyAgreement ECDH
JsseJCE:使用来自提供者TBD的签名SHA1withECDSA通过init
JsseJCE:使用签名NONEwithECDSA来自提供者TBD通过init
JsseJCE:使用来自提供者IBMJCE版本1.2的KeyFactory EC
JsseJCE:使用来自提供者TBD的KeyPairGenerator EC通过init
JsseJce:EC可用
忽略禁用的密码套件: SSL_RENEGO_PROTECTION_R EQUEST for TLSv1
没有可用的密码套件TLSv1
Thread-8,处理异常:javax.net.ssl.SSLHandshakeException:没有合适的协议
Thread-8,SEND TLSv1 ALERT:致命,
description = handshake_failure
没有可用的TLSv1密码套件似乎是我问题的根源。
更新:获取默认的SSL服务器套接字factory( SSLServerSocketFactory.getDefault())以及相应的默认和支持的密码套件( getDefaultCipherSuites() / getSupportedCipherSuites())显示只有SSL密码套件可用:
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA [支持]
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA [默认]
SSL_DHE_DSS_WITH_AES_128_CBC_SHA [默认]
SSL_DHE_DSS_WITH_AES_128_CBC_SHA256 [支持]
SSL_DHE_DSS_WITH_AES_128_GCM_SHA256 [支持]
SSL_DHE_DS S_WITH_AES_256_CBC_SHA [默认]
SSL_DHE_DSS_WITH_AES_256_CBC_SHA256 [支持]
SSL_DHE_DSS_WITH_AES_256_GCM_SHA384 [支持]
SSL_DHE_DSS_WITH_DES_CBC_SHA [默认]
SSL_DHE_DSS_WITH_RC4_128_SHA [支持]
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA [支持]
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA [默认]
SSL_DHE_RSA_WITH_AES_128_CBC_SHA [默认]
SSL_DHE_RSA_WITH_AES_128_CBC_SHA256 [支持]
SSL_DHE_RSA_WITH_AES_128_GCM_SHA256 [支持]
SSL_DHE_RSA_WITH_AES_256_CBC_SHA [默认]
SSL_DHE_RSA_WITH_AES_256_CBC_SHA256 [支持]
SSL_DHE_RSA_WITH_AES_256_GCM_SHA384 [支持]
SSL_DHE_RSA_WITH_DES_CBC_SHA [默认]
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA [支持]
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 [支持]
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA [支持]
SSL_DH_anon_WITH_AES_128_CBC_SHA [支持]
SSL_DH_anon_WITH_AES_128_CBC_SHA256 [支持]
SSL_DH_anon_WITH_AES_128_GCM_SHA256 [支持]
SSL_DH_anon_WITH_AES_256_CBC_SHA [支持]
SSL_DH_anon_WITH_AES_256_CBC_SHA256 [支持]
SSL_DH_anon_WITH_AES_256_GCM_SHA384 [支持]
SSL_DH_anon_WITH_DES_CBC_SHA [支持]
SSL_DH_anon_WITH_RC4_128_MD5 [支持]
SSL_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA [支持]
SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA [支持]
SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 [支持]
SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 [支持]
SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA [支持]
SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 [支持]
SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 [支持]
SSL_ECDHE_ECDSA_WITH_NULL_SHA [支持]
SSL_ECDHE_ECDSA_WITH_RC4_128_SHA [支持]
SSL_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA [支持]
SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA [支持]
SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256 [支持]
SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256 [支持]
SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA [支持]
SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384 [支持]
SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384 [支持]
SSL_ECDHE_RSA_WITH_NULL_SHA [支持]
SSL_ECDHE_RSA_WITH_RC4_128_SHA [支持]
SSL_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA [支持]
SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA [支持]
SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 [支持]
SSL_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 [支持]
SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA [支持]
SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 [支持]
SSL_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 [支持]
SSL_ECDH_ECDSA_WITH_NULL_SHA [支持]
SSL_ECDH_ECDSA_WITH_RC4_128_SHA [支持]
SSL_ECDH_RSA_WITH_3DES_EDE_CBC_SHA [支持]
SSL_ECDH_RSA_WITH_AES_128_CBC_SHA [支持]
SSL_ECDH_RSA_WITH_AES_128_CBC_SHA256 [支持]
SSL_ECDH_RSA_WITH_AES_128_GCM_SHA256 [支持]
SSL_ECDH_RSA_WITH_AES_256_CBC_SHA [支持]
SSL_ECDH_RSA_WITH_AES_256_CBC_SHA384 [支持的]
SSL_ECDH_RSA_WITH_AES_256_GCM_SHA384 [支持]
SSL_ECDH_RSA_WITH_NULL_SHA [支持]
SSL_ECDH_RSA_WITH_RC4_128_SHA [支持]
SSL_ECDH_anon_WITH_3DES_EDE_CBC_SHA [支持]
SSL_ECDH_anon_WITH_AES_128_CBC_SHA [支持]
SSL_ECDH_anon_WITH_AES_256_CBC_SHA [支持]
SSL_ECDH_anon_WITH_NULL_SHA [支持]
SSL_ECDH_anon_WITH_RC4_128_SHA [支持]
SSL_KRB5_EXPORT_WITH_DES_CBC_40_MD5 [支持]
SSL_KRB5_EXPORT_WITH_DES_CBC_40_SHA [支持]
SSL_KRB5_EXPORT_WITH_RC4_40_MD5 [支持]
SSL_KRB5_EXPORT_WITH_RC4_40_SHA [支持]
SSL_KRB5_WITH_3DES_EDE_CBC_MD5 [支持]
SSL_KRB5_WITH_3DES_EDE_CBC_SHA [支持]
SSL_KRB5_WITH_DES_CBC_MD5 [支持]
SSL_KRB5_WITH_DES_CBC_SHA [支持]
SSL_KRB5_WITH_RC4_128_MD5 [支持]
SSL_KRB5_WITH_RC4_128_SHA [支持]
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA [支持]
SSL_RSA_EXPORT_WITH_RC4_40_MD5 [支持]
SSL_RSA_FIPS_WITH_3DES_EDE_CB C_SHA [默认]
SSL_RSA_FIPS_WITH_DES_CBC_SHA [默认]
SSL_RSA_WITH_3DES_EDE_CBC_SHA [默认]
SSL_RSA_WITH_AES_128_CBC_SHA [默认]
SSL_RSA_WITH_AES_128_CBC_SHA256 [支持]
SSL_RSA_WITH_AES_128_GCM_SHA256 [支持]
SSL_RSA_WITH_AES_256_CBC_SHA [默认值]
SSL_RSA_WITH_AES_256_CBC_SHA256 [支持]
SSL_RSA_WITH_AES_256_GCM_SHA384 [支持]
SSL_RSA_WITH_DES_CBC_SHA [默认]
SSL_RSA_WITH_NULL_MD5 [支持]
SSL_RSA_WITH_NULL_SHA [支持]
SSL_RSA_WITH_NULL_SHA256 [支持]
SSL_RSA_WITH_RC4_128_MD5 [支持]
SSL_RSA_WITH_RC4_128_SHA [支持]
任何人都可以告诉我如何在服务器套接字工厂中提供TLS密码套件?
解决方案
问题似乎是Dropbox Java SDK 基于硬编码列表限制SSL套接字中启用的密码套件。 该列表以 TLS _ 开头。但是,在Domino JVM密码套件中,名称始终以 SSL _ 开头,即使它们所涉及的SSL上下文具有协议TLSv1或更高版本。
<我现在已经停止使用Dropbox Java SDK并开始使用Dropbox API,通过使用 HttpsUrlConnection 。这不如Java SDK那么方便,但至少与TLSv1的SSL握手按预期工作。
In a XPages application I want to make use of the Dropbox Java SDK (2.1.2) for API v2 to get information about my Dropbox account. The following code is used to retrieve the corresponding account object:
String atoken = "****";
DbxRequestConfig rc = new DbxRequestConfig("****");
DbxClientV2 client = new DbxClientV2(rc,atoken);
DbxUserUsersRequests users = client.users();
FullAccount acc = users.getCurrentAccount(); // Exception raised here
The last line raises the following exception:
com.dropbox.core.NetworkIOException: No appropriate protocol
at com.dropbox.core.DbxRequestUtil.startPostRaw(DbxRequestUtil.java:240)
...
Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol
at com.ibm.jsse2.kb.c(kb.java:347)
...
From the stacktrace I concluded that IBMJSSE2 is the security provider used to handle the SSL handshake. So I ran the code from above in a non-Domino JVM (JRE7) which uses the SunJSSE security provider and it worked without any problems. Hence the problem must be related to IBM's Domino JVM but I can't figure out how to fix it.
Can anybody help me with this or provide a hint to a solution?
Additional information:
Version of Domino server: 9.0.1 FP4 HF70
Java runtime version: pwa6460sr16fp4-20150414_01 (SR16 FP4) [22B8:0002-1E88]
JVM version: JRE 1.6.0 IBM J9 2.4 Windows 7 amd64-64 jvmwa6460sr16fp4-20150406_242976 (JIT enabled, AOT enabled) J9VM - 20150406_242976 JIT - r9_20150402_88984 GC - GA24_Java6_SR16_20150406_1410_B242976
Unrestricted JCE policy files have been installed in the Domino JVM.
Properties of the IBMJSSE2 security provider:
Alg.Alias.TrustManagerFactory.IbmPKIX = PKIX
Alg.Alias.TrustManagerFactory.X.509 = PKIX
Alg.Alias.TrustManagerFactory.X509 = PKIX
KeyManagerFactory.IbmX509 = com.ibm.jsse2.rc$a_
KeyManagerFactory.NewIbmX509 = com.ibm.jsse2.rc$b_
Provider.id className = com.ibm.jsse2.IBMJSSEProvider2
Provider.id info = IBM JSSE provider2 (implements IbmX509 key/trust factories, SSLv3, TLSv1)
Provider.id name = IBMJSSE2
Provider.id version = 1.6
SSLContext.Default = com.ibm.jsse2.tc
SSLContext.SSL = com.ibm.jsse2.uc
SSLContext.SSL_TLS = com.ibm.jsse2.vc
SSLContext.SSL_TLSv2 = com.ibm.jsse2.wc
SSLContext.TLS = com.ibm.jsse2.yc
SSLContext.TLSv1 = com.ibm.jsse2.zc
SSLContext.TLSv1.1 = com.ibm.jsse2.ad
SSLContext.TLSv1.2 = com.ibm.jsse2.bd
TrustManagerFactory.IbmX509 = com.ibm.jsse2.ed$b_
TrustManagerFactory.PKIX = com.ibm.jsse2.ed$a_
Full stacktrace of exception:
com.dropbox.core.NetworkIOException: No appropriate protocol
at com.dropbox.core.DbxRequestUtil.startPostRaw(DbxRequestUtil.java:240)
at com.dropbox.core.v2.DbxRawClientV2$1.execute(DbxRawClientV2.java:100)
at com.dropbox.core.v2.DbxRawClientV2.executeRetriable(DbxRawClientV2.java:256)
at com.dropbox.core.v2.DbxRawClientV2.rpcStyle(DbxRawClientV2.java:97)
at com.dropbox.core.v2.users.DbxUserUsersRequests.getCurrentAccount(DbxUserUsersRequests.java:120)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)
at java.lang.reflect.Method.invoke(Method.java:611)
at com.ibm.jscript.types.JavaAccessObject.call(JavaAccessObject.java:321)
at com.ibm.jscript.types.FBSObject.call(FBSObject.java:161)
at com.ibm.jscript.ASTTree.ASTCall.interpret(ASTCall.java:197)
at com.ibm.jscript.ASTTree.ASTAssign.interpret(ASTAssign.java:91)
at com.ibm.jscript.ASTTree.ASTBlock.interpret(ASTBlock.java:100)
at com.ibm.jscript.ASTTree.ASTTry.interpret(ASTTry.java:109)
at com.ibm.jscript.ASTTree.ASTBlock.interpret(ASTBlock.java:100)
at com.ibm.jscript.ASTTree.ASTTry.interpret(ASTTry.java:109)
at com.ibm.jscript.std.FunctionObject._executeFunction(FunctionObject.java:261)
at com.ibm.jscript.std.FunctionObject.executeFunction(FunctionObject.java:185)
at com.ibm.jscript.std.FunctionObject.call(FunctionObject.java:171)
at com.ibm.jscript.types.FBSObject.call(FBSObject.java:161)
at com.ibm.jscript.ASTTree.ASTCall.interpret(ASTCall.java:197)
at com.ibm.jscript.ASTTree.ASTAssign.interpret(ASTAssign.java:91)
at com.ibm.jscript.ASTTree.ASTBlock.interpret(ASTBlock.java:100)
at com.ibm.jscript.ASTTree.ASTIf.interpret(ASTIf.java:85)
at com.ibm.jscript.ASTTree.ASTProgram.interpret(ASTProgram.java:119)
at com.ibm.jscript.types.FBSGlobalObject$GlobalMethod.call(FBSGlobalObject.java:280)
at com.ibm.jscript.types.FBSObject.call(FBSObject.java:161)
at com.ibm.jscript.types.FBSGlobalObject$GlobalMethod.call(FBSGlobalObject.java:219)
at com.ibm.jscript.ASTTree.ASTCall.interpret(ASTCall.java:197)
at com.ibm.jscript.ASTTree.ASTBlock.interpret(ASTBlock.java:100)
at com.ibm.jscript.ASTTree.ASTIf.interpret(ASTIf.java:85)
at com.ibm.jscript.ASTTree.ASTBlock.interpret(ASTBlock.java:100)
at com.ibm.jscript.ASTTree.ASTTry.interpret(ASTTry.java:109)
at com.ibm.jscript.std.FunctionObject._executeFunction(FunctionObject.java:261)
at com.ibm.jscript.std.FunctionObject.executeFunction(FunctionObject.java:185)
at com.ibm.jscript.std.FunctionObject.call(FunctionObject.java:171)
at com.ibm.jscript.std.FunctionPrototype$FunctionMethod.call(FunctionPrototype.java:169)
at com.ibm.jscript.types.FBSObject.call(FBSObject.java:161)
at com.ibm.jscript.ASTTree.ASTCall.interpret(ASTCall.java:197)
at com.ibm.jscript.ASTTree.ASTAssign.interpret(ASTAssign.java:91)
at com.ibm.jscript.ASTTree.ASTBlock.interpret(ASTBlock.java:100)
at com.ibm.jscript.ASTTree.ASTIf.interpret(ASTIf.java:85)
at com.ibm.jscript.ASTTree.ASTBlock.interpret(ASTBlock.java:100)
at com.ibm.jscript.ASTTree.ASTTry.interpret(ASTTry.java:109)
at com.ibm.jscript.ASTTree.ASTProgram.interpret(ASTProgram.java:119)
at com.ibm.jscript.ASTTree.ASTProgram.interpretEx(ASTProgram.java:139)
at com.ibm.jscript.JSExpression._interpretExpression(JSExpression.java:435)
at com.ibm.jscript.JSExpression.access$1(JSExpression.java:424)
at com.ibm.jscript.JSExpression$2.run(JSExpression.java:414)
at java.security.AccessController.doPrivileged(AccessController.java:448)
at com.ibm.jscript.JSExpression.interpretExpression(JSExpression.java:410)
at com.ibm.jscript.JSExpression.evaluateValue(JSExpression.java:251)
at com.ibm.jscript.JSExpression.evaluateValue(JSExpression.java:234)
at com.ibm.xsp.javascript.JavaScriptInterpreter.interpret(JavaScriptInterpreter.java:222)
at com.ibm.xsp.binding.javascript.JavaScriptMethodBinding.invoke(JavaScriptMethodBinding.java:111)
at com.ibm.xsp.component.UIViewRootEx.invokePhaseMethodBinding(UIViewRootEx.java:1735)
at com.ibm.xsp.controller.FacesControllerImpl.invokePhaseMethodBinding(FacesControllerImpl.java:450)
at com.ibm.xsp.controller.FacesControllerImpl.access$0(FacesControllerImpl.java:444)
at com.ibm.xsp.controller.FacesControllerImpl$ViewPhaseListener.afterPhase(FacesControllerImpl.java:512)
at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:218)
at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:120)
at com.ibm.xsp.controller.FacesControllerImpl.render(FacesControllerImpl.java:270)
at com.ibm.xsp.webapp.FacesServlet.serviceView(FacesServlet.java:261)
at com.ibm.xsp.webapp.FacesServletEx.serviceView(FacesServletEx.java:157)
at com.ibm.xsp.webapp.FacesServlet.service(FacesServlet.java:160)
at com.ibm.xsp.webapp.FacesServletEx.service(FacesServletEx.java:138)
at com.ibm.xsp.webapp.DesignerFacesServlet.service(DesignerFacesServlet.java:103)
at com.ibm.designer.runtime.domino.adapter.ComponentModule.invokeServlet(ComponentModule.java:576)
at com.ibm.domino.xsp.module.nsf.NSFComponentModule.invokeServlet(NSFComponentModule.java:1335)
at com.ibm.designer.runtime.domino.adapter.ComponentModule$AdapterInvoker.invokeServlet(ComponentModule.java:853)
at com.ibm.designer.runtime.domino.adapter.ComponentModule$ServletInvoker.doService(ComponentModule.java:796)
at com.ibm.designer.runtime.domino.adapter.ComponentModule.doService(ComponentModule.java:565)
at com.ibm.domino.xsp.module.nsf.NSFComponentModule.doService(NSFComponentModule.java:1319)
at com.ibm.domino.xsp.module.nsf.NSFService.doServiceInternal(NSFService.java:662)
at com.ibm.domino.xsp.module.nsf.NSFService.doService(NSFService.java:482)
at com.ibm.designer.runtime.domino.adapter.LCDEnvironment.doService(LCDEnvironment.java:357)
at com.ibm.designer.runtime.domino.adapter.LCDEnvironment.service(LCDEnvironment.java:313)
at com.ibm.domino.xsp.bridge.http.engine.XspCmdManager.service(XspCmdManager.java:272)
Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol
at com.ibm.jsse2.kb.c(kb.java:347)
at com.ibm.jsse2.SSLSocketImpl.i(SSLSocketImpl.java:363)
at com.ibm.jsse2.SSLSocketImpl.h(SSLSocketImpl.java:650)
at com.ibm.jsse2.SSLSocketImpl.a(SSLSocketImpl.java:669)
at com.ibm.jsse2.SSLSocketImpl.startHandshake(SSLSocketImpl.java:95)
at com.ibm.net.ssl.www2.protocol.https.c.afterConnect(c.java:162)
at com.ibm.net.ssl.www2.protocol.https.d.connect(d.java:36)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1044)
at com.ibm.net.ssl.www2.protocol.https.b.getOutputStream(b.java:53)
at com.dropbox.core.http.StandardHttpRequestor.getOutputStream(StandardHttpRequestor.java:123)
at com.dropbox.core.http.StandardHttpRequestor.access$000(StandardHttpRequestor.java:28)
at com.dropbox.core.http.StandardHttpRequestor$Uploader.(StandardHttpRequestor.java:133)
at com.dropbox.core.http.StandardHttpRequestor.startPost(StandardHttpRequestor.java:72)
at com.dropbox.core.http.StandardHttpRequestor.startPost(StandardHttpRequestor.java:28)
at com.dropbox.core.DbxRequestUtil.startPostRaw(DbxRequestUtil.java:232)
...
Update: After setting javax.net.debug=ssl:handshake:data (as suggested by Jigar Joshi) the error log and trace log provide the following additional information:
Certificate with subject EMAILADDRESS=****, CN=****, O=****, L=****, ST=****, C=****, issued by CN=****, OU=****, O=****, C=****, is not trusted. Validation failed with error 3659.
CommonBaseEventLogRecord:sourceClassName = com.ibm.domino.napi.ssl.DominoX509TrustManager
CommonBaseEventLogRecord:sourceMethodName = checkServerTrusted
<sourcecomponentid component="Expeditor 6.2" componentidtype="ProductName" instanceid="" location="****" locationtype="Hostname" subcomponent="com.ibm.domino.napi.ssl" threadid="5" componenttype="http://www.w3.org/2001/XMLSchema-instance">
The certificate that is not trusted is my own, even though all certificates and the private key were imported into my keystore. The fact that the keystore works in the non-Domino JVM allows me to conclude that the keystore file should be valid. Yet, the certificate is still not trusted when running the code in the Domino JVM.
Update: The core part of the debug output (javax.net.debug=ssl:handshake) is
SSLContextImpl: Using X509ExtendedKeyManager com.ibm.jsse2.hd
SSLContextImpl: Using X509TrustManager com.ibm.jsse2.pc
IBMJSSE2 will ignore com.ibm.jsse2.overrideDefaultProtocol since was set to a non recognized value TLSv1
Installed Providers = IBMJSSE2, IBMJCE, IBMJGSSProvider, IBMCertPath, IBMSASL, IBMXMLCRYPTO, IBMXMLEnc, Policy, IBMSPNEGO
JsseJCE: Using SecureRandom IBMSecureRandom from provider IBMJCE version 1.2
trigger seeding of SecureRandom
done seeding SecureRandom
IBMJSSE2 will enable CBC protection
IBMJSSE2 to send SCSV Cipher Suite on initial ClientHello
JsseJCE: Using SecureRandom IBMSecureRandom from provider IBMJCE version 1.2
IBMJSSE2 will allow RFC 5746 renegotiation per com.ibm.jsse2.renegotiate set to none or default
IBMJSSE2 will not require renegotiation indicator during initial handshake per com.ibm.jsse2.renegotiation.indicator set to OPTIONAL or default taken
IBMJSSE2 will not perform identity checking against the peer cert check during renegotiation per com.ibm.jsse2.renegotiation.peer.cert.check set to OFF or default
IBMJSSE2 will not allow unsafe server certificate change during renegotiation per jdk.tls.allowUnsafeServerCertChange set to FALSE or default
Is initial handshake: true
JsseJCE: Using KeyAgreement ECDH from provider IBMJCE version 1.2
JsseJCE: Using signature SHA1withECDSA from provider TBD via init
JsseJCE: Using signature NONEwithECDSA from provider TBD via init
JsseJCE: Using KeyFactory EC from provider IBMJCE version 1.2
JsseJCE: Using KeyPairGenerator EC from provider TBD via init
JsseJce: EC is available
Ignoring disabled cipher suite: SSL_RENEGO_PROTECTION_REQUEST for TLSv1
No available cipher suite for TLSv1
Thread-8, handling exception: javax.net.ssl.SSLHandshakeException: No appropriate protocol
Thread-8, SEND TLSv1 ALERT: fatal,
description = handshake_failure
"No available cipher suite for TLSv1" seems to be the root of my problem.
Update: Getting the default SSL server socket factory (SSLServerSocketFactory.getDefault()) and the corresponding default and supported cipher suites (getDefaultCipherSuites() / getSupportedCipherSuites()) revealed that only SSL cipher suites are available:
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA [supported]
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA [default]
SSL_DHE_DSS_WITH_AES_128_CBC_SHA [default]
SSL_DHE_DSS_WITH_AES_128_CBC_SHA256 [supported]
SSL_DHE_DSS_WITH_AES_128_GCM_SHA256 [supported]
SSL_DHE_DSS_WITH_AES_256_CBC_SHA [default]
SSL_DHE_DSS_WITH_AES_256_CBC_SHA256 [supported]
SSL_DHE_DSS_WITH_AES_256_GCM_SHA384 [supported]
SSL_DHE_DSS_WITH_DES_CBC_SHA [default]
SSL_DHE_DSS_WITH_RC4_128_SHA [supported]
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA [supported]
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA [default]
SSL_DHE_RSA_WITH_AES_128_CBC_SHA [default]
SSL_DHE_RSA_WITH_AES_128_CBC_SHA256 [supported]
SSL_DHE_RSA_WITH_AES_128_GCM_SHA256 [supported]
SSL_DHE_RSA_WITH_AES_256_CBC_SHA [default]
SSL_DHE_RSA_WITH_AES_256_CBC_SHA256 [supported]
SSL_DHE_RSA_WITH_AES_256_GCM_SHA384 [supported]
SSL_DHE_RSA_WITH_DES_CBC_SHA [default]
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA [supported]
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 [supported]
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA [supported]
SSL_DH_anon_WITH_AES_128_CBC_SHA [supported]
SSL_DH_anon_WITH_AES_128_CBC_SHA256 [supported]
SSL_DH_anon_WITH_AES_128_GCM_SHA256 [supported]
SSL_DH_anon_WITH_AES_256_CBC_SHA [supported]
SSL_DH_anon_WITH_AES_256_CBC_SHA256 [supported]
SSL_DH_anon_WITH_AES_256_GCM_SHA384 [supported]
SSL_DH_anon_WITH_DES_CBC_SHA [supported]
SSL_DH_anon_WITH_RC4_128_MD5 [supported]
SSL_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA [supported]
SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA [supported]
SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 [supported]
SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 [supported]
SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA [supported]
SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 [supported]
SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 [supported]
SSL_ECDHE_ECDSA_WITH_NULL_SHA [supported]
SSL_ECDHE_ECDSA_WITH_RC4_128_SHA [supported]
SSL_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA [supported]
SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA [supported]
SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256 [supported]
SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256 [supported]
SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA [supported]
SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384 [supported]
SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384 [supported]
SSL_ECDHE_RSA_WITH_NULL_SHA [supported]
SSL_ECDHE_RSA_WITH_RC4_128_SHA [supported]
SSL_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA [supported]
SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA [supported]
SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 [supported]
SSL_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 [supported]
SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA [supported]
SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 [supported]
SSL_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 [supported]
SSL_ECDH_ECDSA_WITH_NULL_SHA [supported]
SSL_ECDH_ECDSA_WITH_RC4_128_SHA [supported]
SSL_ECDH_RSA_WITH_3DES_EDE_CBC_SHA [supported]
SSL_ECDH_RSA_WITH_AES_128_CBC_SHA [supported]
SSL_ECDH_RSA_WITH_AES_128_CBC_SHA256 [supported]
SSL_ECDH_RSA_WITH_AES_128_GCM_SHA256 [supported]
SSL_ECDH_RSA_WITH_AES_256_CBC_SHA [supported]
SSL_ECDH_RSA_WITH_AES_256_CBC_SHA384 [supported]
SSL_ECDH_RSA_WITH_AES_256_GCM_SHA384 [supported]
SSL_ECDH_RSA_WITH_NULL_SHA [supported]
SSL_ECDH_RSA_WITH_RC4_128_SHA [supported]
SSL_ECDH_anon_WITH_3DES_EDE_CBC_SHA [supported]
SSL_ECDH_anon_WITH_AES_128_CBC_SHA [supported]
SSL_ECDH_anon_WITH_AES_256_CBC_SHA [supported]
SSL_ECDH_anon_WITH_NULL_SHA [supported]
SSL_ECDH_anon_WITH_RC4_128_SHA [supported]
SSL_KRB5_EXPORT_WITH_DES_CBC_40_MD5 [supported]
SSL_KRB5_EXPORT_WITH_DES_CBC_40_SHA [supported]
SSL_KRB5_EXPORT_WITH_RC4_40_MD5 [supported]
SSL_KRB5_EXPORT_WITH_RC4_40_SHA [supported]
SSL_KRB5_WITH_3DES_EDE_CBC_MD5 [supported]
SSL_KRB5_WITH_3DES_EDE_CBC_SHA [supported]
SSL_KRB5_WITH_DES_CBC_MD5 [supported]
SSL_KRB5_WITH_DES_CBC_SHA [supported]
SSL_KRB5_WITH_RC4_128_MD5 [supported]
SSL_KRB5_WITH_RC4_128_SHA [supported]
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA [supported]
SSL_RSA_EXPORT_WITH_RC4_40_MD5 [supported]
SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA [default]
SSL_RSA_FIPS_WITH_DES_CBC_SHA [default]
SSL_RSA_WITH_3DES_EDE_CBC_SHA [default]
SSL_RSA_WITH_AES_128_CBC_SHA [default]
SSL_RSA_WITH_AES_128_CBC_SHA256 [supported]
SSL_RSA_WITH_AES_128_GCM_SHA256 [supported]
SSL_RSA_WITH_AES_256_CBC_SHA [default]
SSL_RSA_WITH_AES_256_CBC_SHA256 [supported]
SSL_RSA_WITH_AES_256_GCM_SHA384 [supported]
SSL_RSA_WITH_DES_CBC_SHA [default]
SSL_RSA_WITH_NULL_MD5 [supported]
SSL_RSA_WITH_NULL_SHA [supported]
SSL_RSA_WITH_NULL_SHA256 [supported]
SSL_RSA_WITH_RC4_128_MD5 [supported]
SSL_RSA_WITH_RC4_128_SHA [supported]
Can anybody tell me how to make TLS cipher suites available in the server socket factory?
解决方案
The problem seems to be that the Dropbox Java SDK limits the enabled cipher suites in the SSL sockets based on a hard-coded list. All relevant cipher suite names in that list start with "TLS_". However, in the Domino JVM cipher suite names always start with "SSL_" even when the SSL context they are related to has protocol TLSv1 or higher.
I have now stopped working with the Dropbox Java SDK and started using the Dropbox API by making HTTP posts using HttpsUrlConnection. This is not as convenient as the Java SDK, but at least the SSL handshake with TLSv1 works as expected.
这篇关于使用Dropbox Java SDK for API v2时获取SSLHandshakeException的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
