- Download the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6. (i.e. if the link is already dead then download this instead jce_policy-6.)
- Extract the downloaded archive and follow the installation procedure found in the README.txt.
- Download the following Bouncy Castle libraries:
- bcprov-jdk15to18-166.jar
- bctls-jdk15to18-166.jar
If the preceding links doesn't work try to find them from the archive.
- Place the downloaded libraries into ${JAVA_HOME}/jre/lib/ext directory.
- Update the java.security (i.e. found in ${JAVA_HOME}/jre/lib/security directory.) file to have the following as the priority:
security.provider.1=org.bouncycastle.jce.provider.BouncyCastleProvider security.provider.2=org.bouncycastle.jsse.provider.BouncyCastleJsseProvider
Adjust the other security.provider to start from 3 like the following:
security.provider.3=sun.security.provider.Sun security.provider.4=sun.security.rsa.SunRsaSign security.provider.5=com.sun.net.ssl.internal.ssl.Provider security.provider.6=com.sun.crypto.provider.SunJCE security.provider.7=sun.security.jgss.SunProvider security.provider.8=com.sun.security.sasl.Provider security.provider.9=org.jcp.xml.dsig.internal.dom.XMLDSigRI security.provider.10=sun.security.smartcardio.SunPCSC security.provider.11=sun.security.mscapi.SunMSCAPI
- Try the following Java code:
import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader; import java.net.HttpURLConnection; import java.net.ProtocolException; import java.net.URL; public class Main { public static void main(String[] args) { try { URL url = new URL("https://www.nist.gov/"); System.out.println(url); HttpURLConnection connection = (HttpURLConnection) url.openConnection(); connection.setRequestMethod("GET"); connection.setDoOutput(true); System.out.println(connection.getResponseCode()); StringBuilder response = new StringBuilder(); BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream())); try { String line = reader.readLine(); while (line != null) { response.append(line); line = reader.readLine(); } } finally { reader.close(); } System.out.println(response.toString()); } catch(ProtocolException exception) { exception.printStackTrace(); } catch(IOException exception) { exception.printStackTrace(); } } }
You should be able to access it without any SSL handshake error.
Alternatively, you can opt to use the official JDK 6u121 via the Java SE 6 Advanced and Java SE 6 Support if you have availed of it.
Leave a Reply