爬虫客户端报错:javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate
报错原因: SSL/TLS 协议版本不匹配:客户端支持的协议版本与服务器要求的版本不兼容。 加密套件不匹配:客户端支持的加密套件与服务器要求的加密套件不兼容。 服务器配置问题:服务器可能禁用了某些旧的协议或加密套件。 JVM 配置问题:运行时环境可能禁用了某些协议或加密套件。
解决:
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import javax.net.ssl.SSLContext;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
public CloseableHttpClient getHttpClient(Site site) {
try {
SSLContext sslContext = SSLContexts.custom()
.useTLS() // 使用 TLS 协议
.build();
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
sslContext,
new String[]{"TLSv1.2", "TLSv1.3"}, // 启用支持的协议版本
null,
NoopHostnameVerifier.INSTANCE);
Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("https", socketFactory)
.build();
return HttpClients.custom()
.setSSLSocketFactory(socketFactory)
.build();
} catch (NoSuchAlgorithmException | KeyManagementException e) {
throw new RuntimeException("Failed to create HttpClient with TLS support", e);
}
}