最近发布了一个关于HttpClient过度Https 的问题(在这里找到).我已经取得了一些进展,但我遇到了新的问题.和我的上一个问题一样,我似乎无法找到适合我的任何地方的例子.基本上,我希望我的客户端接受任何证书(因为我只指向一个服务器),但我一直在接受javax.net.ssl.SSLException: Not trusted server certificate exception.
所以这就是我所拥有的:
public void connect() throws A_WHOLE_BUNCH_OF_EXCEPTIONS {
HttpPost post = new HttpPost(new URI(PROD_URL));
post.setEntity(new StringEntity(BODY));
KeyStore trusted = KeyStore.getInstance("BKS");
trusted.load(null, "".toCharArray());
SSLSocketFactory sslf = new SSLSocketFactory(trusted);
sslf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(new Scheme ("https", sslf, 443));
SingleClientConnManager cm = new SingleClientConnManager(post.getParams(),
schemeRegistry);
HttpClient client = new DefaultHttpClient(cm, post.getParams());
HttpResponse result = client.execute(post);
}
这是我得到的错误:
W/System.err( 901): javax.net.ssl.SSLException: Not trusted server certificate
W/System.err( 901): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:360)
W/System.err( 901): …我正在创建一个https用于与服务器通信的android应用程序.我正在使用retrofit并OkHttp提出请求.这些适用于标准http请求.以下是我遵循的步骤.
步骤1: 使用该命令从服务器获取cert文件
echo -n | openssl s_client -connect api.****.tk:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > gtux.cert
步骤2: 使用以下命令将证书转换为BKS格式
keytool -importcert -v -trustcacerts -file "gtux.cert" -alias imeto_alias -keystore "my_keystore.bks" -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath "bcprov-jdk16-146.jar" -storetype BKS
它问我密码并且文件已成功创建.
第3步:
创建一个OkHttpClient并使用它来发出https请求
public class MySSLTrust {
public static OkHttpClient trustcert(Context context){
OkHttpClient okHttpClient = new OkHttpClient();
try {
KeyStore ksTrust = KeyStore.getInstance("BKS");
InputStream instream = context.getResources().openRawResource(R.raw.my_keystore);
ksTrust.load(instream, "secret".toCharArray());
// TrustManager decides which certificate authorities to …This Error is related to Fabric Crashlytics, not direct RestFul API consumptions.
I'm getting this error when initiating the Fabric Crashlytics on Android Emulator
E/Fabric: Settings request failed.
io.fabric.sdk.android.services.network.HttpRequest$HttpRequestException: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at io.fabric.sdk.android.services.network.HttpRequest.code(HttpRequest.java:1355)
at io.fabric.sdk.android.services.settings.DefaultSettingsSpiCall.handleResponse(DefaultSettingsSpiCall.java:104)
at io.fabric.sdk.android.services.settings.DefaultSettingsSpiCall.invoke(DefaultSettingsSpiCall.java:88)
at io.fabric.sdk.android.services.settings.DefaultSettingsController.loadSettingsData(DefaultSettingsController.java:80)
at io.fabric.sdk.android.services.settings.DefaultSettingsController.loadSettingsData(DefaultSettingsController.java:64)
at io.fabric.sdk.android.services.settings.Settings.loadSettingsData(Settings.java:153)
at io.fabric.sdk.android.Onboarding.retrieveSettingsData(Onboarding.java:126)
at io.fabric.sdk.android.Onboarding.doInBackground(Onboarding.java:99)
at io.fabric.sdk.android.Onboarding.doInBackground(Onboarding.java:45)
at io.fabric.sdk.android.InitializationTask.doInBackground(InitializationTask.java:63)
at io.fabric.sdk.android.InitializationTask.doInBackground(InitializationTask.java:28)
at io.fabric.sdk.android.services.concurrency.AsyncTask$2.call(AsyncTask.java:311)
at java.util.concurrent.FutureTask.run(FutureTask.java:237)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:428)
at java.util.concurrent.FutureTask.run(FutureTask.java:237)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607)
at java.lang.Thread.run(Thread.java:761)
Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor …我将服务器迁移HTTP到了HTTPS我已经使用自签名证书发送网络请求HttpUrlConnection并且它工作但是对于图像加载它不起作用,因为我使用Glide进行图像加载.
javax.net.ssl.SSLHandshakeException:java.security.cert.CertPathValidatorException:未找到证书路径的信任锚.从https URL通过滑动库加载图像
Glide.with(mContext).load(currentItem.getImage_path().replace(" ", "%20"))
.listener(new RequestListener<String, GlideDrawable>() {
@Override
public boolean onException(Exception e, String model, Target<GlideDrawable> target, boolean isFirstResource) {
genericViewHolder.imageView_1.setImageResource(R.drawable.image_thumbnail);
genericViewHolder.progressBar.setVisibility(View.GONE);
return false;
}
@Override
public boolean onResourceReady(GlideDrawable resource, String model, Target<GlideDrawable> target, boolean isFromMemoryCache, boolean isFirstResource) {
genericViewHolder.progressBar.setVisibility(View.GONE);
return false;
}
}).into(genericViewHolder.imageView_1);
我尝试使用此链接并使用GlideModule但它似乎不起作用.请帮忙.
我正在开发一个项目,该项目需要将所有证书用于单个调用,每当我尝试设置 sslSocketFactory 时,我都会收到一个错误,指示 ExceptionInInitializerError。
我搜索了 SO 并找到了这个问题,但它没有为我解决问题;对于这个 Git 问题也是如此。
我的示例代码如下:
X509TrustManager trustManager = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] xcs, String string)
throws CertificateException {}
public void checkServerTrusted(X509Certificate[] xcs, String string)
throws CertificateException {}
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
SSLContext sslContext;
SSLSocketFactory sslSocketFactory = null;
try {
sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, new TrustManager[]{trustManager}, null);
sslSocketFactory = sslContext.getSocketFactory();
} catch (Exception e){
e.printStackTrace();
}
OkHttpClient client = new OkHttpClient.Builder().sslSocketFactory(sslSocketFactory,
trustManager).addInterceptor(interceptor).build();
当发送的参数全部有效且不为空时,为什么我会收到错误?
我正在构建一个应用程序react-native并axios package用于post请求。axios 在react-nativeandroid 应用程序中发布请求时出现错误。SSL证书是用letsencrypt 签名的。
Https request 正在与 React-Native 0.47.2 一起使用,但在升级到 React-Native 0.55.0 后,它给出了证书错误。
证书适用于桌面和移动浏览器以及应用程序 Web 门户,但不适用于 android 应用程序。
版本 android: 8.0.0 React Native: 0.55.0
错误
“java.security.cert.CertPathValidatorException:未找到证书路径的信任锚。”
我正在尝试一个 android 应用程序,其中将HLS我的nginx服务器的链接传递ExoPlayer给播放。最初我一直得到
“引起:javax.net.ssl.SSLHandshakeException:java.security.cert.CertPathValidatorException:未找到证书路径的信任锚。”
错误之后,在进行研究时,我找到了两种可能的解决方案。
第一个是按照https://knowledge.digicert.com/solution/SO17482.html 中的步骤获取即时 CA 证书,第二个是禁用证书检查。我已经尝试了两者,但仍然得到
“引起:javax.net.ssl.SSLHandshakeException:java.security.cert.CertPathValidatorException:未找到证书路径的信任锚。” 错误
我的播放器的代码是:
public class PlayerActivity extends AppCompatActivity implements VideoRendererEventListener {
String url;
private static final String TAG = "Twende Live";
private PlayerView simpleExoPlayerView;
private SimpleExoPlayer player;
private TextView resolutionTextView;
private final TrustManager[] trustAllCerts= new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[]{};
}
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain,
String …我的Android应用程序应该能够与任何启用SSL的服务器进行通信。由于我的应用程序是演示应用程序,并且我的客户在登录时在应用程序中添加了自己的SSL服务器详细信息,所以预先知道我需要验证哪个SSL证书。
以下是我之前的代码。
public SSLSocketFactory getSSLSocketFactory(String hostname) {
try {
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, new X509TrustManager[] { new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
} }, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
} catch (Exception e) {
e.printStackTrace();
}
return HttpsURLConnection.getDefaultSSLSocketFactory();
}
当我将自己的游戏更新到Playstore时,由于以下原因被拒绝了
为了正确处理SSL证书验证,只要服务器提供的证书不符合您的期望,请在自定义X509TrustManager接口的checkServerTrusted方法中更改代码以引发CertificateException或IllegalArgumentException。如有技术问题,您可以发布到Stack Overflow并使用标签“ …
android ×6
ssl ×6
https ×2
java ×2
axios ×1
certificate ×1
exoplayer ×1
google-play ×1
lets-encrypt ×1
okhttp ×1
okhttp3 ×1
react-native ×1
retrofit ×1