正常运行项目的时候,发现java调用SSL的时候,突然一下抛出一个异常,之前都还是好好的。

javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)

at sun.security.ssl.Handshaker.activate(Handshaker.java:529)

at sun.security.ssl.SSLSocketImpl.kickstartHandshake(SSLSocketImpl.java:1492)

at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1361)

at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)

at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)

经过一阵瞎搞,最后才发现是因为jdk1.8版本导致SSL调用权限上有问题。

解决办法:找到jdk 1.8安装目录,找到C:\Program Files\Java\jre里面的lib\security 下面有个java.security。找到对应的SSLv3TLSv1, TLSv1.1(亲测可以,网上很多只删除SSLv3,删除掉,重启项目就好了。(删掉SSLv3就是允许SSL调用)

解决方法:

1.删除掉该文件里的 SSLv3(删掉SSLv3就是允许SSL调用).

2.application.yml里配置数据源时添加上 &useSSL=false.

Caused by: com.mysql.cj.exceptions.CJCommunicationsException: Communications link failure
 
The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.
	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) ~[na:1.8.0_301]
	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) ~[na:1.8.0_301]
	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) ~[na:1.8.0_301]
	at java.lang.reflect.Constructor.newInstance(Constructor.java:423) ~[na:1.8.0_301]
	at com.mysql.cj.exceptions.ExceptionFactory.createException(ExceptionFactory.java:61) ~[mysql-connector-java-8.0.15.jar:8.0.15]
	at com.mysql.cj.exceptions.ExceptionFactory.createException(ExceptionFactory.java:105) ~[mysql-connector-java-8.0.15.jar:8.0.15]
	at com.mysql.cj.exceptions.ExceptionFactory.createException(ExceptionFactory.java:151) ~[mysql-connector-java-8.0.15.jar:8.0.15]
	at com.mysql.cj.exceptions.ExceptionFactory.createCommunicationsException(ExceptionFactory.java:167) ~[mysql-connector-java-8.0.15.jar:8.0.15]
	at com.mysql.cj.protocol.a.NativeProtocol.negotiateSSLConnection(NativeProtocol.java:361) ~[mysql-connector-java-8.0.15.jar:8.0.15]
	at com.mysql.cj.protocol.a.NativeAuthenticationProvider.negotiateSSLConnection(NativeAuthenticationProvider.java:777) ~[mysql-connector-java-8.0.15.jar:8.0.15]
	at com.mysql.cj.protocol.a.NativeAuthenticationProvider.proceedHandshakeWithPluggableAuthentication(NativeAuthenticationProvider.java:486) ~[mysql-connector-java-8.0.15.jar:8.0.15]
	at com.mysql.cj.protocol.a.NativeAuthenticationProvider.connect(NativeAuthenticationProvider.java:202) ~[mysql-connector-java-8.0.15.jar:8.0.15]
	at com.mysql.cj.protocol.a.NativeProtocol.connect(NativeProtocol.java:1449) ~[mysql-connector-java-8.0.15.jar:8.0.15]
	at com.mysql.cj.NativeSession.connect(NativeSession.java:165) ~[mysql-connector-java-8.0.15.jar:8.0.15]
	at com.mysql.cj.jdbc.ConnectionImpl.connectOneTryOnly(ConnectionImpl.java:955) ~[mysql-connector-java-8.0.15.jar:8.0.15]
	at com.mysql.cj.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:825) ~[mysql-connector-java-8.0.15.jar:8.0.15]
	... 62 common frames omitted
Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
	at sun.security.ssl.HandshakeContext.<init>(HandshakeContext.java:171) ~[na:1.8.0_301]
	at sun.security.ssl.ClientHandshakeContext.<init>(ClientHandshakeContext.java:101) ~[na:1.8.0_301]
	at sun.security.ssl.TransportContext.kickstart(TransportContext.java:238) ~[na:1.8.0_301]
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:394) ~[na:1.8.0_301]
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:373) ~[na:1.8.0_301]
	at com.mysql.cj.protocol.ExportControlled.performTlsHandshake(ExportControlled.java:315) ~[mysql-connector-java-8.0.15.jar:8.0.15]
	at com.mysql.cj.protocol.StandardSocketFactory.performTlsHandshake(StandardSocketFactory.java:188) ~[mysql-connector-java-8.0.15.jar:8.0.15]
	at com.mysql.cj.protocol.a.NativeSocketConnection.performTlsHandshake(NativeSocketConnection.java:99) ~[mysql-connector-java-8.0.15.jar:8.0.15]
	at com.mysql.cj.protocol.a.NativeProtocol.negotiateSSLConnection(NativeProtocol.java:352) ~[mysql-connector-java-8.0.15.jar:8.0.15]
	... 69 common frames omitted

javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher su 解决办法

一、发现问题

javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
	at sun.security.ssl.HandshakeContext.<init>(HandshakeContext.java:171)
	at sun.security.ssl.ClientHandshakeContext.<init>(ClientHandshakeContext.java:98)
	at sun.security.ssl.TransportContext.kickstart(TransportContext.java:220)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:387)
	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:436)
	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
	at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
	at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
	at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
	at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
	at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
	at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
	at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
	at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)1234567891011121314151617

二、研究问题
jdk问题

三、解决问题
修改java.security 文件

Linux 默认路径/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.275.b01-1.el8_3.x86_64/jre/lib/security
Windows默认路径C:\Program Files\Java\jdk1.8.0_261\jre\lib\security

[root@iZ2ze30dygwd6yh7gu6lskZ security]# pwd[root@iZ2ze30dygwd6yh7gu6lskZ security]# pwd/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.275.b01-1.el8_3.x86_64/jre/lib/security[root@iZ2ze30dygwd6yh7gu6lskZ security]# lsblacklisted.certs  cacerts  java.policy  java.security  nss.cfg  nss.fips.cfg  policy[root@iZ2ze30dygwd6yh7gu6lskZ security]# 123456

亲测Java调用ssl异常javax.net.ssl.SSLHandshakeException:No appropriate protocol is disabled or ... 第1张
删除SSLv3, TLSv1, TLSv1.1
亲测Java调用ssl异常javax.net.ssl.SSLHandshakeException:No appropriate protocol is disabled or ... 第2张
重启您的Java服务即可

如果仍然报错那就使用下面的方法
把 “TLSv1” 给改成null
把微信提供的方法中TLSv1改成null

SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(
                    sslContext,
//                    new String[]{"TLSv1"},    // 解决javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
                    null,
                    null,
                    new DefaultHostnameVerifier());123456

亲测Java调用ssl异常javax.net.ssl.SSLHandshakeException:No appropriate protocol is disabled or ... 第3张
实在不行的话建议直接更换JDK。

点击: 更换JDK