我有一个网站,我正在为一个RESTful服务启用ssl.我们已在RapidSSL注册,安装了证书,并通过了RapidSSL检查程序.我可以使用各种浏览器访问该网站,包括Android浏览器(内置,Firefox和Opera),没有任何问题,没有警告.
但是,当我尝试使用我的Android应用程序访问它时,我得到以下异常:
08-11 20:04:05.586 363 381 E HttpProvider: Error executing request: No peer certificate
08-11 20:04:05.586 363 381 E HttpProvider: javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
08-11 20:04:05.586 363 381 E HttpProvider: at org.apache.harmony.xnet.provider.jsse.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:259)
08-11 20:04:05.586 363 381 E HttpProvider: at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:93)
08-11 20:04:05.586 363 381 E HttpProvider: at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:381)
08-11 20:04:05.586 363 381 E HttpProvider: at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:164)
08-11 20:04:05.586 363 381 E HttpProvider: at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
08-11 20:04:05.586 363 381 E HttpProvider: at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
08-11 20:04:05.586 363 381 E HttpProvider: …我正在使用FileObserver来观察目录的变化.该过程在90%的时间内都能正常工作,但偶尔会失败.
这是logcat的一个工作示例:
04-23 21:12:03.873: V/ItemObserver(1663): Setting up new item observer for item 2
04-23 21:12:04.374: I/ItemObserver(1663): Received item event for item 2, event: 256, file: batch.get.47
04-23 21:12:07.866: I/ItemObserver(1663): Received item event for item 2, event: 512, file: batch.get.47
04-23 21:12:07.873: I/ItemObserver(1663): Received item event for item 2, event: 512, file: item.xml
04-23 21:12:07.883: I/ItemObserver(1663): Received item event for item 2, event: 256, file: item.xml
04-23 21:12:08.033: I/ItemObserver(1663): Received item event for item 2, event: 8, file: item.xml …我有一个使用CN =*.mydomain.com从rapidssl发出的通配符证书.我有一个Web服务器和一个mysql数据库服务器.证书适用于网站访问.现在我想为我的应用程序启用ssl到mysql.我已经在mysql服务器中启用了ssl而没有问题:
+---------------+---------------------------------+
| Variable_name | Value |
+---------------+---------------------------------+
| have_openssl | YES |
| have_ssl | YES |
但是,当我尝试使用client/ssl进行连接时,我得到:ERROR 2026(HY000):SSL连接错误:错误:00000001:lib(0):func(0):reason(1)
这似乎在此处记录:http: //dev.mysql.com/doc/refman/5.5/en/creating-ssl-certs.html
它说我不能使用相同的CN作为证书.我不明白如何使用通配符证书.这是否意味着我还必须为mysql连接购买主机特定的证书?
我不太使用SSL,所以我发现很难弄清楚应该如何设置它.任何指针,甚至是明显的指针,都可能在这个阶段提供帮助.
运行:mysql Ver 15.1 Distrib 5.5.32-MariaDB,用于debian-linux-gnu(x86_64),使用readline 5.1 ubuntu 12.04