終極解決方案:java.security.cert.CertificateException: Certificates does not conform to algorithm constraints

lonecloud發表於2017-09-06

報錯資訊

javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates does not conform to algorithm constraints

原因:

  JDK7/8後新增了安全機制,導致這個問題出現

解決方案:

方案一:

 把$JAVA_HOME/jre/lib/security/java.security 檔案裡的jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048,改成jdk.certpath.disabledAlgorithms=,去掉 "MD2, DSA, RSA keySize < 2048"

方案二:方案一沒有用再用方案二

把$JAVA_HOME/jre/lib/security/java.security 檔案裡

jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768

 改為

jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 768

 

相關文章