Colleagues reported that a Java program recently reported an error with the following log:
Caused by: com.coho.cloud.data.exception.BizException: I/O error on GET request for "https://itsvse:88/rest/api": The server selected protocol version TLS10 is not accepted by client preferences [TLS12]; nested exception is javax.net.ssl.SSLHandshakeException: The server selected protocol version TLS10 is not accepted by client preferences [TLS12]
Search online to find the reasonIt may be that the new version of the JDK does not recommend using the old TLSV1.0 protocol, so TLS10 support is removed by default。
Log in to the server to view the historical commands executed and find that the update operation has been executed, as shown in the following figure:
Check out the JDK version, as follows:
openjdk version "1.8.0_292"
OpenJDK Runtime Environment (build 1.8.0_292-8u292-b10-0ubuntu1~16.04.1-b10)
OpenJDK 64-Bit Server VM (build 25.292-b10, mixed mode)
Use the following command to view the installation address of the JDK and the loaded contents:
Find the /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/java.security file, which is just a soft link, the actual file address is: /etc/java-8-openjdk/security/java.security, editjava.securityFile.
Original configuration:
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, RC4, DES, MD5withRSA, \
DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \
include jdk.disabled.namedCurves
Re-server, re-run the Java program.
(End)
|
Posted on 10/11/2021 11:13:18 AM
|
|
|
|
