在我的 Java 应用程序中与贝宝服务器通信时出现 ssl 握手错误
我正在为我的 Java 应用程序使用 paypal 沙箱帐户,并使用 centos 6.7 进行托管.当我运行应用程序时,我在与 paypal 帐户通信时出错.
I am using paypal sandbox account for my java application and hosting using centos 6.7. While I am running the application I am getting error for communicating with paypal account.
我收到如下错误,
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1961)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1077)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:515)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1299)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338)
有一些安全更新.您需要将 TLS 1.2 用于沙箱(也需要在以后为实时模式下的 Paypal 应用更新).
There was some security updates. You need to use TLS 1.2 for the sandbox (updates will need to be applied at a later date for Paypal in Live mode too).
这是路线图和不同的日期:
Here's the roadmap and the different dates :
2016 年 1 月 14 日 在此日期之后,沙盒 API 端点仅支持新标准(HTTP/1.1、TLS 1.2 和 SHA-256 证书).这包括 www.sandbox.paypal.com 仅接受 HTTPS 进行 IPN 回传.
Jan 14, 2016 After this date, Sandbox API endpoints only support new standard (HTTP/1.1, TLS 1.2 and SHA-256 certificates). This includes www.sandbox.paypal.com only accepting HTTPS for IPN Postbacks.
2016 年 1 月 31 日生产开始发布具有新标准(2048 位,SHA-256)的 API 凭证证书.
Jan 31, 2016 Production starts issuing API Credential Certificates with new standard (2048-bit, SHA-256).
2016 年 2 月 29 日的测试沙盒端点将被删除.
Feb 29, 2016 Test Sandbox endpoints will be removed.
2016 年 3 月 17 日将新的 SFTP IP 地址添加到 reports.paypal.com 的 DNS.
Mar 17, 2016 New SFTP IP addresses add to DNS for reports.paypal.com.
2016 年 4 月 14 日,从reports.paypal.com 的 DNS 中删除了旧的 SFTP IP 地址.
Apr 14, 2016 Old SFTP IP addresses removed from DNS for reports.paypal.com.
2016 年 5 月 12 日旧的 SFTP IP 地址停止工作.
May 12, 2016 Old SFTP IP addresses stop working.
2016 年 6 月 17 日在此日期之后,生产 API 端点将开始转向新标准(HTTP/1.1、TLS 1.2 和 SHA-256 证书)
Jun 17, 2016 After this date, Production API endpoints will start moving to the new standard (HTTP/1.1, TLS 1.2 and SHA-256 certificates)
2016 年 9 月 30 日 IPN 回传到 www.paypal.com 仅允许 HTTPS
Sep 30, 2016 IPN postbacks to www.paypal.com only allow HTTPS
2018 年 1 月 1 日所有证书 API 凭据必须已升级到新标准.
Jan 1, 2018 All Certificate API Credentials must have been upgraded to the new standard.