Java的解決方法
升級Java 11版本即可:
當前的java版本: openjdk version "11.0.7" 2020-04-14 LTS
小版本升級: openjdk version "11.0.14.1" 2022-02-08 LTS
Java解決方案依據
TLS 1.0 and TLS 1.1 disabled by default with Java 11.0.11
Official Note
➜ Disable TLS 1.0 and 1.1
TLS 1.0 and 1.1 are versions of the TLS protocol that are no longer considered secure and have been superseded by more secure and modern versions (TLS 1.2 and 1.3).
https://www.oracle.com/java/technologies/javase/11all-relnotes.html#JDK-8202343
查看升級後java 安全的配置內容
cat /usr/lib/jvm/java/conf/security/java.security
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, RC4, DES, MD5withRSA, \
DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \
include jdk.disabled.namedCurves
Nginx解決方法
修改nginx配置, 在啓所有用了Https的server配置段中添加以下配置:
ssl_protocols TLSv1.2 TLSv1.3;
執行nginx -s reload 生效