java - 如何在JBoss 4中集成 'Bouncy CaSTLe'

Question

我使用 Jboss 4.4 (Java 6)，我想知道如何集成/启用 TLSv1.2进去。我尝试添加:

security.provider.1=org.bouncycastle.jce.provider.BouncyCastleProvider

进入java/jre/lib/security/下的java.security但我仍然有 handshake_failure。

Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1822) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1004) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:476) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1195) at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:379) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:318) at com.paypal.core.HttpConnection.execute(HttpConnection.java:99) at com.paypal.core.APIService.makeRequest(APIService.java:140) at com.paypal.core.BaseService.call(BaseService.java:149) at urn.ebay.api.PayPalAPI.PayPalAPIInterfaceServiceService.setExpressCheckout(PayPalAPIInterfaceServiceService.java:1415) at urn.ebay.api.PayPalAPI.PayPalAPIInterfaceServiceService.setExpressCheckout(PayPalAPIInterfaceServiceService.java:1445)

提前致谢。

Answer 1

这是不可能的。 Java 6/JDK 6 没有 support TLS 1.2。如果我没记错的话，JBoss 4.x 从未用 JDK7 进行过测试。

由于广为人知的漏洞，您应该禁用 SSLv3 Poodle .

您需要升级到JBoss EAP 6.4如果您有 Red Hat 订阅或 WildFly 9.0.2对于 TLS 1.2 支持，您应该使用 JDK8。之后，您可以按照其他 post 中的说明在 SSL 子系统中配置您的信任库和 key 。 .

希望这对您有所帮助。