获取HttpsURLConnection中使用的SSL版本 – Java
我正在开发一个java代理来监视我的应用服务器中发生的http通信。 我想知道传出Https连接中使用的SSL版本(SSLv3,TLS等)。 有没有办法以任何方式获得SSL版本?
我使用这个解决方案,也许它可以帮助你:
首先,你需要一个SSLSocketFactory的扩展类来将HandshakeCompletedListener附加到SSLSocketFactory创建的套接字:(受启发式如何覆盖使用HttpsURLConnection时由Android发送到服务器的密码列表? )
public class SecureSSLSocketFactory extends SSLSocketFactory { private final SSLSocketFactory delegate; private HandshakeCompletedListener handshakeListener; public SecureSSLSocketFactory( SSLSocketFactory delegate, HandshakeCompletedListener handshakeListener) { this.delegate = delegate; this.handshakeListener = handshakeListener; } @Override public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException { SSLSocket socket = (SSLSocket) this.delegate.createSocket(s, host, port, autoClose); if (null != this.handshakeListener) { socket.addHandshakeCompletedListener(this.handshakeListener); } return socket; } // and so on for all the other createSocket methods of SSLSocketFactory. @Override public String[] getDefaultCipherSuites() { // TODO: or your own preferences return this.delegate.getDefaultCipherSuites(); } @Override public String[] getSupportedCipherSuites() { // TODO: or your own preferences return this.delegate.getSupportedCipherSuites(); }
然后,您需要HandshakeCompletedListener接口的实现。 您必须实现handshakeCompleted方法:
public class MyHandshakeCompletedListener implements HandshakeCompletedListener { @Override public void handshakeCompleted(HandshakeCompletedEvent event) { SSLSession session = event.getSession(); String protocol = session.getProtocol(); String cipherSuite = session.getCipherSuite(); String peerName = null; try { peerName = session.getPeerPrincipal().getName(); } catch (SSLPeerUnverifiedException e) { } }
在handshakeCompleted您可以获得协议版本(可能是TLSv1.2),顺便提一下也可以获得密码套件等信息,也可以通过HttpsConnection访问。 您可以在连接之前通过conn.setSSLSocketFactory设置自定义SSL套接字工厂:
private void setupAndConnect() { URL url = new URL("https://host.dom/xyz"); HttpsURLConnection conn = (HttpsURLConnection) url.openConnection(); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(/*keyManagers*/null, /*trustManagers*/null, /*new SecureRandom()*/null); // simple here conn.setSSLSocketFactory(new SecureSSLSocketFactory(sslContext.getSocketFactory(), new MyHandshakeCompletedListener())); // conn.set... /* set other parameters */ conn.connect();