要求客户端应支持以下TLS加密密码套件:
private String[] cipherSuites = new String[] {
"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA ",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_256_CBC_SHA256",
"TLS_RSA_WITH_AES_256_CBC_SHA",
"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
};
这是主要代码:
public static void main(String []args) throws IOException {
Hashtable<String, String> env = new Hashtable<>();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://10.159.218.169:636/ou=LDAPConfData,ou=Nokia,dc=solution,dc=com");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "uid=username,ou=People,dc=solution,dc=com");
env.put(Context.SECURITY_CREDENTIALS, "123456");
env.put(Context.SECURITY_PROTOCOL, "ssl");
env.put("java.naming.ldap.factory.socket", CustomSocketFactory.class.getName());
try {
InitialDirContext context = new InitialDirContext(env);
} catch (NamingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
覆盖套接字工厂:
@Override
public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
SSLSocketFactory sslFact = (SSLSocketFactory)SSLSocketFactory.getDefault();
SSLSocket sslSocket = (SSLSocket) sslFact.createSocket(host, port);
sslSocket.setEnabledCipherSuites(cipherSuites);
return sslSocket;
}
运行主代码时,会出现异常:
根异常是 java.lang.IllegalArgumentException:当前安装的提供程序无法支持 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
支持的密码套件大小为 56,但只有 4 个需要密码。
是否有什么办法可以解决这个问题?多谢。