Java的解决方法
升级Java 11版本即可:
当前的java版本: openjdk version "11.0.7" 2020-04-14 LTS
小版本升级: openjdk version "11.0.14.1" 2022-02-08 LTS
Java解决方案依据
TLS 1.0 and TLS 1.1 disabled by default with Java 11.0.11
Official Note
➜ Disable TLS 1.0 and 1.1
TLS 1.0 and 1.1 are versions of the TLS protocol that are no longer considered secure and have been superseded by more secure and modern versions (TLS 1.2 and 1.3).
https://www.oracle.com/java/technologies/javase/11all-relnotes.html#JDK-8202343
查看升级后java 安全的配置内容
cat /usr/lib/jvm/java/conf/security/java.security
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, RC4, DES, MD5withRSA, \
DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \
include jdk.disabled.namedCurves
Nginx解决方法
修改nginx配置, 在启所有用了Https的server配置段中添加以下配置:
ssl_protocols TLSv1.2 TLSv1.3;
执行nginx -s reload 生效