此筆記記載了本人在使用centos7.6環境下使用java連接sqlserver2008時
The server selected protocol version TLS10 is not accepted by client preferences [TLS12]及安全套接字層(SSL)加密與 SQL Server 建立安全連接的症狀、排查及解決方案。
環境
系統:centos7.6
JDK:openjdk 1.8
連接庫:com.microsoft.sqlserver,mssql-jdbc,6.1.0.jre8
數據庫:SQL server 2008
症狀
在執行到如下代碼時會遇到The server selected protocol version TLS10 is not accepted by client preferences [TLS12]及安全套接字層(SSL)加密與 SQL Server 建立安全連接的錯誤提示。
public WhiteListResult JudgmentQingJia(String number) throws SQLException {
DriverManager.registerDriver(new SQLServerDriver());
Connection connection = null;
Statement stmt = null;
try {
Class.forName(DRIVER);
connection = DriverManager.getConnection(URL + DATABASE_NAME, USER_NAME, PASSWORD);
stmt =
connection.createStatement(
ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
stmt.setQueryTimeout(1);
ResultSet resultSet =
stmt.executeQuery(
String.format(
"SELECT * FROM user",
number));
boolean find = resultSet.first();
resultSet.close();
return new WhiteListResult(true, "success", find);
} catch (ClassNotFoundException e) {
System.out.println(e);
return new WhiteListResult(true, "驅動問題", false);
} catch (SQLException e) {
System.out.println(e);
return new WhiteListResult(true, e.getMessage(), false);
} finally {
if (stmt != null && !stmt.isClosed()) {
stmt.close();
stmt = null;
}
if (connection != null && !connection.isClosed()) {
connection.close();
connection = null;
}
}
}
解決方案
造成此問題的主要原因是由於算法的配置問題導致。解決方案是修改算法的配置即可。
# 進入jdk配置目錄
cd /usr/lib/jvm/jre/lib/security
# 編輯配置文件
nano java.security
# 找到並修改如下參數
jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
EC keySize < 224, 3DES_EDE_CBC
# 保存並重新啟動項目即可