分享程序员开发的那些事...
更新时间:2021-12-25 22:22:25
根据 https ://www.ssllabs.com ,服务器支持密码套件
According to https://www.ssllabs.com, the server supports cipher suites
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
列出它们作为不可用的密码套件,你可以在调试消息中看到。
They are listed as "unavailable cipher suite" as you can see in the debug messages.
在JRE / lib / security / local_policy.jar中,我们看到
In the JRE/lib/security/local_policy.jar, we see
// Some countries have import limits on crypto strength. This policy file
// is worldwide importable.
grant {
permission javax.crypto.CryptoPermission "DES", 64;
permission javax.crypto.CryptoPermission "DESede", *;
permission javax.crypto.CryptoPermission "RC2", 128,
"javax.crypto.spec.RC2ParameterSpec", 128;
permission javax.crypto.CryptoPermission "RC4", 128;
permission javax.crypto.CryptoPermission "RC5", 128,
"javax.crypto.spec.RC5ParameterSpec", *, 12, *;
permission javax.crypto.CryptoPermission "RSA", *;
permission javax.crypto.CryptoPermission *, 128;
};
下载并安装(JCE)Unlimited Strength Jurisdiction Policy Files - http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html - 我可以确认问题已解决。自述文件说
Download and install "(JCE) Unlimited Strength Jurisdiction Policy Files" - http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html - and I can confirm that the problem is solved. The read me file says
由于某些国家/地区的导入控制限制,
的版本捆绑了JCE策略文件在Java运行时环境中,
或JRE(TM),8环境允许强但有限的加密使用
。此下载包(包括此README文件的那个)
提供无限强度策略文件,其中不包含
加密强度限制。
Due to import control restrictions of some countries, the version of the JCE policy files that are bundled in the Java Runtime Environment, or JRE(TM), 8 environment allow "strong" but limited cryptography to be used. This download bundle (the one including this README file) provides "unlimited strength" policy files which contain no restrictions on cryptographic strengths.