我有一个.p12证书文件,我使用SSL转换器将其转换为.pem证书文件.然后我在我的android代码中使用那个pem证书文件,如下所示:
OkHttpClient okHttpClient = new OkHttpClient();
try {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream instream = context.getResources().openRawResource(R.raw.pem_certificate);
Certificate ca;
ca = cf.generateCertificate(instream);
KeyStore kStore = KeyStore.getInstance(KeyStore.getDefaultType());
kStore.load(null, null);
kStore.setCertificateEntry("ca", ca);
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(kStore);
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, tmf.getTrustManagers(), null);
okHttpClient.setSslSocketFactory(sslContext.getSocketFactory());
} catch (CertificateException
| KeyStoreException
| NoSuchAlgorithmException
| IOException
| KeyManagementException e) {
e.printStackTrace();
}
baseURL = endpoint;
RestAdapter restAdapter = new RestAdapter.Builder()
.setEndpoint(baseURL)
.setClient(new OkClient(okHttpClient))
.build();
service = restAdapter.create(DishService.class);
但是这段代码不起作用.它在"ca = cf.generateCertificate(instream);"行中失败了.使用CertificateException消息.
我想调用fetch()函数.
它适用于iOS但不适用于Android.
fetch('https://admin.leanpoint.com/Api/User/Login?user=srinu@mainpoint.dk', {
method: 'POST',
headers: {
'Authorization': 'Basic c3JpbnVAbWFpbnBvaW50LmRrOnNhaWJhYmE='
},
})
.then((res) => {
res.json().then((json) => {
alert(JSON.stringify(json))
})
})
.catch((err) => {
alert(JSON.stringify(err))
})
在iOS上,它进入.then()但在Android上它进入.catch()并且err是{}.
它不适用于仿真器和真实设备.
任何帮助表示赞赏.^ _ ^
使用Axios的错误日志
当我使用fetch()它时输入.catch(){}.
我试过Axios如下.
axios.post('https://admin.leanpoint.com/Api/User/Login?user=srinu@mainpoint.dk', null, {
headers: {
'Authorization': 'Basic c3JpbnVAbWFpbnBvaW50LmRrOnNhaWJhYmE='
},
timeout: 2000
})
.then((res) => {
console.log(res.data)
})
.catch((err) => {
console.log(err)
})
并返回如下错误.
{ [Error: Network Error]
config:
{ …当我想打开HTTPS连接时,我得到SSL异常.如何设置HttpURLConnection以对此异常不敏感?
我的代码是:
private String getData() {
String response = null;
String connection = "https://www.kamalan.com/";
try {
URL url = new URL(connection);
Log.i(TAG, "Try to open: " + connection);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
int responseCode = conn.getResponseCode();
Log.i(TAG, "Response code is: " + responseCode);
if (responseCode == HttpURLConnection.HTTP_OK) {
BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream()));
if (in != null) {
StringBuilder strBuilder = new StringBuilder();
int ch = 0;
while ((ch = in.read()) != -1)
strBuilder.append((char) ch);
// get returned …我只在(可能是一些)2.3.x设备上收到此错误.它适用于运行Android版本的任何其他设备.
这是我的HTTPRequestController:
public class HttpRequestController {
private final static String TAG = "HttpRequestController";
private static HttpRequestController instance;
public enum Method {
PUT, POST, DELETE, GET
}
private HttpRequestController() {
}
public static HttpRequestController getInstance() {
if (instance == null)
instance = new HttpRequestController();
return instance;
}
public String doRequest(String url, HashMap<Object, Object> data,
Method method, String token) throws Exception {
InputStream certificateInputStream = null;
if (MyApplication.PRODUCTION) {
certificateInputStream = MyApplication.context
.getResources().openRawResource(R.raw.production_cert);
LogUtils.log("using production SSL certificate");
} else {
certificateInputStream = …我将服务器迁移HTTP到了HTTPS我已经使用自签名证书发送网络请求HttpUrlConnection并且它工作但是对于图像加载它不起作用,因为我使用Glide进行图像加载.
javax.net.ssl.SSLHandshakeException:java.security.cert.CertPathValidatorException:未找到证书路径的信任锚.从https URL通过滑动库加载图像
Glide.with(mContext).load(currentItem.getImage_path().replace(" ", "%20"))
.listener(new RequestListener<String, GlideDrawable>() {
@Override
public boolean onException(Exception e, String model, Target<GlideDrawable> target, boolean isFirstResource) {
genericViewHolder.imageView_1.setImageResource(R.drawable.image_thumbnail);
genericViewHolder.progressBar.setVisibility(View.GONE);
return false;
}
@Override
public boolean onResourceReady(GlideDrawable resource, String model, Target<GlideDrawable> target, boolean isFromMemoryCache, boolean isFirstResource) {
genericViewHolder.progressBar.setVisibility(View.GONE);
return false;
}
}).into(genericViewHolder.imageView_1);
我尝试使用此链接并使用GlideModule但它似乎不起作用.请帮忙.
我正在使用com.loopj.android:android-async-http:1.4.9我的服务器请求。在我的服务器中要求我使用SSL / TLS之前,它一直运行良好。因此,我需要修改AsyncHTTPClient以在所有URL中使用HTTPS。
我检查了类似的方法,如何使用AsyncHttpClient进行HTTPS调用?但没有提供明确的解决方案。由于库本身发出以下警告,因此可接受的解决方案也不安全:
警告!这会忽略每台设备上的SSL证书验证,请谨慎使用。
所以我继续检查其他解决方案。我最终遵循了以下建议:https : //developer.android.com/training/articles/security-ssl.html。因此,我有类似的东西:
// Load CAs from an InputStream
// (could be from a resource or ByteArrayInputStream or ...)
CertificateFactory cf = CertificateFactory.getInstance("X.509");
// From https://www.washington.edu/itconnect/security/ca/load-der.crt
InputStream caInput = new BufferedInputStream(new FileInputStream("load-der.crt"));
Certificate ca;
try {
ca = cf.generateCertificate(caInput);
System.out.println("ca=" + ((X509Certificate) ca).getSubjectDN());
} finally {
caInput.close();
}
// Create a KeyStore containing our trusted CAs
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
keyStore.setCertificateEntry("ca", …我正在开发一个必须支持API级别16的项目,并要求我对动态URL进行网络调用.我遇到的问题是服务器最近不得不将TLS更新为1.2以实现PCI合规性,默认情况下在Android API 16-19上禁用.虽然启用此功能并不困难,但我遇到了仅针对这些API级别的X509证书问题.
我对它做了很多研究,虽然所有这些链接都很有用:
1)如何在Android应用程序中启用TLS 1.2支持(在Android 4.1 JB上运行)
2)如何使用自签名证书连接到Android(paho客户端)中的Mqtt服务器?
4)允许Java使用不受信任的证书进行SSL/HTTPS连接
6)SSLHandshakeException:未找到证书路径的信任锚.仅适用于Android API <19
他们没有解决我遇到的核心问题,即我看到了这个例外:
com.android.volley.NoConnectionError: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at com.android.volley.toolbox.BasicNetwork.performRequest(BasicNetwork.java:151)
at com.android.volley.NetworkDispatcher.run(NetworkDispatcher.java:112)
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:409)
at com.android.okhttp.Connection.upgradeToTls(Connection.java:146)
at com.android.okhttp.Connection.connect(Connection.java:107)
at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:294)
at com.android.okhttp.internal.http.HttpEngine.sendSocketRequest(HttpEngine.java:255)
at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:206)
at com.android.okhttp.internal.http.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:345)
at com.android.okhttp.internal.http.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:296)
at com.android.okhttp.internal.http.HttpURLConnectionImpl.getResponseCode(HttpURLConnectionImpl.java:503)
at com.android.okhttp.internal.http.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:136)
at com.android.volley.toolbox.HurlStack.performRequest(HurlStack.java:110)
at com.android.volley.toolbox.BasicNetwork.performRequest(BasicNetwork.java:96)
... 1 more
当我尝试连接到需要TLS1.2的URL时,例如https://www.ssllabs.com/ssltest/viewMyClient.html. …
I'm using OkHttp 3.12.2 on Android 9 (Pixel 2 device) and try to connect to an nginx 1.14.0 running with OpenSSL 1.1.1. The nginx is capable of TLSv1.3, I verified this with Firefox 66.0.2 on Ubuntu 18.04, Chrome 73.0 on Android 9 and ChromeOS 72.0.
However, OkHttp always negotiates TLSv1.2. I also tried to set a RESTRICTED_TLS ConnectionSpec, but it didn't help.
I did not find a specific instruction on how to get TLSv1.3 working on Android. I know …