Java Kubernetes 客户端 SSLHandshakeException 扩展 (5) 不应出现在证书请求中 [英] Java Kubernetes client SSLHandshakeException extension (5) should not be presented in certificate_request
问题描述
当我尝试在本地运行通过润滑油代理连接查询 Kubernetes 集群的 Java Kubernetes 客户端应用程序时,我收到扩展 (5) 不应出现在证书请求中".有什么想法吗?提前致谢
I am getting "extension (5) should not be presented in certificate_request" when trying to run locally a Java Kubernetes client application which queries the Kubernetes cluster over a lube proxy connection. Any thoughts? Thanks in advance
ApiClient client = null;
try {
client = Config.defaultClient();
//client.setVerifyingSsl(false);
} catch (IOException e) {
e.printStackTrace();
}
Configuration.setDefaultApiClient(client);
CoreV1Api api = new CoreV1Api();
V1PodList list = null;
try {
list = api.listPodForAllNamespaces(null, null, null, null, null, null, null, null, null);
} catch (ApiException e) {
e.printStackTrace();
}
for (V1Pod item : list.getItems()) {
System.out.println(item.getMetadata().getName());
}
推荐答案
您使用的是哪个版本的 Java?
Which version of Java are you using?
JDK 11 及更高版本支持 TLS 1.3,这可能会导致错误extension (5) should not be present in certificate_request
.
JDK 11 onwards have support for TLS 1.3 which can cause the error extension (5) should not be presented in certificate_request
.
将 -Djdk.tls.client.protocols=TLSv1.2
添加到 JVM 参数以使其使用 1.2
.
Add -Djdk.tls.client.protocols=TLSv1.2
to the JVM args to make it use 1.2
instead.
Go lang 上存在与此相关的问题 https://github.com/golang/go/issues/35722 和那里的某人还发布了禁用 TLS 1.3Java端
There is an issue on Go lang relating to this https://github.com/golang/go/issues/35722 and someone there also posted to disable TLS 1.3 on the Java side
这篇关于Java Kubernetes 客户端 SSLHandshakeException 扩展 (5) 不应出现在证书请求中的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!