此笔记记载了本人在使用centos7.6环境下使用java连接sqlserver2008时
The server selected protocol version TLS10 is not accepted by client preferences [TLS12]及安全套接字层(SSL)加密与 SQL Server 建立安全连接的症状、排查及解决方案。
环境
系统:centos7.6
JDK:openjdk 1.8
连接库:com.microsoft.sqlserver,mssql-jdbc,6.1.0.jre8
数据库:SQL server 2008
症状
在执行到如下代码时会遇到The server selected protocol version TLS10 is not accepted by client preferences [TLS12]及安全套接字层(SSL)加密与 SQL Server 建立安全连接的错误提示。
public WhiteListResult JudgmentQingJia(String number) throws SQLException {
DriverManager.registerDriver(new SQLServerDriver());
Connection connection = null;
Statement stmt = null;
try {
Class.forName(DRIVER);
connection = DriverManager.getConnection(URL + DATABASE_NAME, USER_NAME, PASSWORD);
stmt =
connection.createStatement(
ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
stmt.setQueryTimeout(1);
ResultSet resultSet =
stmt.executeQuery(
String.format(
"SELECT * FROM user",
number));
boolean find = resultSet.first();
resultSet.close();
return new WhiteListResult(true, "success", find);
} catch (ClassNotFoundException e) {
System.out.println(e);
return new WhiteListResult(true, "驱动问题", false);
} catch (SQLException e) {
System.out.println(e);
return new WhiteListResult(true, e.getMessage(), false);
} finally {
if (stmt != null && !stmt.isClosed()) {
stmt.close();
stmt = null;
}
if (connection != null && !connection.isClosed()) {
connection.close();
connection = null;
}
}
}
解决方案
造成此问题的主要原因是由于算法的配置问题导致。解决方案是修改算法的配置即可。
# 进入jdk配置目录
cd /usr/lib/jvm/jre/lib/security
# 编辑配置文件
nano java.security
# 找到并修改如下参数
jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024,
EC keySize < 224, 3DES_EDE_CBC
# 保存并重新启动项目即可