Goa*_*ine 3 ssl android certificate
我有一个例外:没有同行证书
当我问谷歌,然后我得到解决方案,我相信所有证书.但这个问题的答案是,它是不安全的.
所以我打电话给全班:
HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
HttpClient client = new DefaultHttpClient();
SchemeRegistry registry = new SchemeRegistry();
SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
registry.register(new Scheme("https", socketFactory, 443));
SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
DefaultHttpClient httpClient = new DefaultHttpClient(mgr, client.getParams());
HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
Log.v("URL:", Url[0]);
HttpPost post = new HttpPost(Url[0]);
post.addHeader("Username", Url[1]);
post.addHeader("Passwort", Url[2]);
HttpResponse getResponse = httpClient.execute(post); //Wirft Exception
HttpEntity responseEntity = getResponse.getEntity();
UserID = Integer.parseInt(responseEntity.getContent().toString());
这是我的班级:
class MyHttpClient extends DefaultHttpClient {
final Context context;
public MyHttpClient(Context context) {
this.context = context;
}
@Override
protected ClientConnectionManager createClientConnectionManager() {
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
// Register for port 443 our SSLSocketFactory with our keystore
// to the ConnectionManager
registry.register(new Scheme("https", (SocketFactory) newSslSocketFactory(), 443));
return new SingleClientConnManager(getParams(), registry);
}
private SSLSocketFactory newSslSocketFactory() {
try {
// Get an instance of the Bouncy Castle KeyStore format
KeyStore trusted = KeyStore.getInstance("BKS");
// Get the raw resource, which contains the keystore with
// your trusted certificates (root and any intermediate certs)
InputStream in = context.getResources().openRawResource(R.raw.mykey);
try {
// Initialize the keystore with the provided trusted certificates
// Also provide the password of the keystore
trusted.load(in, "PASSWORT".toCharArray());
} finally {
in.close();
}
// Pass the keystore to the SSLSocketFactory. The factory is responsible
// for the verification of the server certificate.
SSLSocketFactory sf = new SSLSocketFactory(trusted);
// Hostname verification from certificate
// [url=http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506]Chapter2.Connection management[/url]
sf.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);
return sf;
} catch (Exception e) {
throw new AssertionError(e);
}
}
}
小智 7
我发现了SSLPeerUnverifiedException的另一个可能原因:没有对等证书
如果运行的模拟器的日期早于创建证书的日期,则可能会遇到此异常.
在我的案例中证书已在7月10日验证,但模拟器的当前日期为5月7日.
我不知道为什么我的模拟器的日期设置为5月7日,因为它应该从网络中获取时间,但这是另一个问题.
只是想我应该分享一下,以防万一其他人避免浪费几天时间.
| 归档时间: |
|
| 查看次数: |
11137 次 |
| 最近记录: |