最近发布了一个关于HttpClient过度Https 的问题(在这里找到).我已经取得了一些进展,但我遇到了新的问题.和我的上一个问题一样,我似乎无法找到适合我的任何地方的例子.基本上,我希望我的客户端接受任何证书(因为我只指向一个服务器),但我一直在接受javax.net.ssl.SSLException: Not trusted server certificate exception.
所以这就是我所拥有的:
public void connect() throws A_WHOLE_BUNCH_OF_EXCEPTIONS {
HttpPost post = new HttpPost(new URI(PROD_URL));
post.setEntity(new StringEntity(BODY));
KeyStore trusted = KeyStore.getInstance("BKS");
trusted.load(null, "".toCharArray());
SSLSocketFactory sslf = new SSLSocketFactory(trusted);
sslf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(new Scheme ("https", sslf, 443));
SingleClientConnManager cm = new SingleClientConnManager(post.getParams(),
schemeRegistry);
HttpClient client = new DefaultHttpClient(cm, post.getParams());
HttpResponse result = client.execute(post);
}
这是我得到的错误:
W/System.err( 901): javax.net.ssl.SSLException: Not trusted server certificate
W/System.err( 901): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:360)
W/System.err( 901): …当我尝试从我的Android应用程序访问HTTPS URL(.Net Webservice)时,我收到此异常:
javax.net.ssl.SSLException:不受信任的服务器证书
这是我的代码:
HttpParams myParams = new BasicHttpParams();
HttpProtocolParams.setVersion(myParams, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(myParams, "utf-8");
myParams.setBooleanParameter("http.protocol.expect-continue", false);
HttpConnectionParams.setConnectionTimeout(myParams, 100000);
HttpConnectionParams.setSoTimeout(myParams, 100000);
//
KeyStore trusted;
try {
trusted = KeyStore.getInstance("pkcs12");
trusted.load(null, "".toCharArray());
SSLSocketFactory sslf = new SSLSocketFactory(trusted);
sslf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
schemeRegistry.register(new Scheme("https", sslf, 443));
ThreadSafeClientConnManager manager = new ThreadSafeClientConnManager(myParams, schemeRegistry);
httpClient = new DefaultHttpClient(manager, myParams);
} catch (KeyStoreException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch …在我正在开发的应用程序中,我必须向Web服务器发送HTTPS帖子.当我直接进行(没有webview)时,我得到了证书不可信任的错误.
但是,当我使用android webview加载HTTPS URL时,我可以做到
public void onReceivedSslError (WebView view, SslErrorHandler handler, SslError error) {
handler.proceed() ;
}
当我收到SSL证书不可信错误时继续连接.
我怀疑是
1)如果我使用上述方法,Android Webview实际上会将证书存储在其密钥库中吗?
2)同样的Webview是否能够在其密钥库中使用证书来接受与同一HTTPS服务器的进一步连接?
3)我们可以以编程方式在webview的密钥库中放置一些证书,以便它接受与启用HTTPS的服务器的所有连接吗?
我对很多问题很困惑.
请帮忙.
我正在尝试使用带有.bks密钥库的"https"方案连接到服务器,但由于此问题我无法连接.
任何人都可以告诉我这是什么原因以及如何解决这个问题.
这是我的代码
public String httpRestGetCallwithCertificate(String url, String payLoad) {
String result = null;
DefaultHttpClient httpClient = null;
KeyStore trustStore = null;
try {
httpClient = new DefaultHttpClient(getHttpParams());
HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
HttpHost targetHost = new HttpHost("hostname","portno","https");
httpClient.getCredentialsProvider().setCredentials(
new AuthScope(targetHost.getHostName(), targetHost.getPort()),
new UsernamePasswordCredentials("username","password"));
trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
InputStream instream = mContext.getResources().openRawResource(R.raw.truststore);
try {
trustStore.load(instream, "password".toCharArray());
} finally {
try { instream.close(); } catch (Exception ignore) {}
}
SchemeRegistry registry = new SchemeRegistry();
SSLSocketFactory socketFactory = new SSLSocketFactory(trustStore);
socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier); …