Android的TLS连接和自签名证书 [英] Android TLS connection and self signed certificate

问题描述

我想从我的Andr​​oid应用程序连接到基于Node.js的TLS服务器。当然它没有becouse我使用的是自签名证书。

I'm trying to connect to a node.js based TLS server from my Android app. Naturally it fails becouse I'm using a self-signed certificate.

反正我有可以将证书只需添加到我的应用程序，并拥有Android的信任它在某种程度上？请注意，我没有使用HTTPS，这是一个TLS通过TCP连接。

Is there anyway I can just add the certificate to my app and have Android trust it somehow? Note, I'm not using HTTPS, this is a TLS over TCP connection.

推荐答案

大量的阅读身边后，我想出了一个答案。

After a lot of reading around, I came up with an answer.

一个pretty的好向导是在这里：<一href="http://nelenkov.blogspot.no/2011/12/using-custom-certificate-trust-store-on.html">http://nelenkov.blogspot.no/2011/12/using-custom-certificate-trust-store-on.html

A pretty good guide is here: http://nelenkov.blogspot.no/2011/12/using-custom-certificate-trust-store-on.html

现在，因为我没有使用HTTPS，我不得不拿出一个稍微不同的方法来得到一个干净的SSL套接字与新的密钥库：

Now, since I'm not using HTTPS, I had to come up with a slightly different approach for getting a clean SSL socket with the new keystore:

KeyStore store = KeyStore.getInstance("BKS");
InputStream truststore = mainActivity.getResources().openRawResource(R.raw.trust);
store.load(truststore, "PASSWORD".toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
tmf.init(store);
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), new SecureRandom());
Socket socket = context.getSocketFactory().createSocket(ip, port);

这篇关于Android的TLS连接和自签名证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！