排球库和HTTPS请求 [英] Volley library and HTTPS requests
问题描述
我试着在这里寻找一些答案,但我找不到能解决我问题的任何答案。
I tried to look for some answers for me here, but I just fail to find anything that solves my problem.
在项目中我正在努力我们要去改变我们的域名。更改有点棘手 - 我们还必须更改从HTTP到HTTPS的连接。我收到了.crt密钥(例如,example.tech.crt - 将所有公司名称更改为example)。经过几个小时的不断失败后,我决定写在这里。
In project I am working on we are going to change our domain. Change is bit tricky - we have to also change connection from HTTP to HTTPS. I've received .crt key (let's say, example.tech.crt - will change all of company name to "example"). After few hours of constant failures I decided to write here.
首先,我尝试使用本教程 http://ogrelab.ikratko.com/using-android-volley-with-self-signed-certificate/ - 它不起作用(我甚至不是因为API23而不得不使用弃用的Apache库)。如果需要,这就是我创建BKS文件的方式:
First of all, I tried using this tutorial http://ogrelab.ikratko.com/using-android-volley-with-self-signed-certificate/ - and it didn't work (I don't even mean that I had to use deprecated Apache libs because of API23). In case this is needed, this is how I created BKS file:
keytool -importcert -v -trustcacerts -file "example.tech.crt" -alias example_tech
-keystore "example_tech.bks" -provider org.bouncycastle.jce.provider.BouncyCastleProvider
-providerpath "bcprov-jdk16-146.jar" -storetype BKS
然后,我尝试了这种方法 Android Volley是否支持SSL? - 最佳答案(忽略域名检查)。我仍然试图使用BKS文件 - 我有一些关于投射错误的例外,所以我更改了一行:
Then, I tried this approach Does Android Volley support SSL? - the one from best answer (with ignoring domain name check). I still tried to use BKS file - I've got some exceptions about casting errors, so I changed line:
CertificateFactory cf = CertificateFactory.getInstance("X.509");
到
CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
如某处所示 - 错误仍然存在。我试图使用.crt文件而不是BKS - 我仍然失败。
as suggested somewhere - error still persisted. I tried to use .crt file instead of BKS - I still fail.
每次我都得到同样的错误:
Every single time I get same error:
javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException:
SSL handshake aborted: ssl=0x650f83a0: Failure in SSL library, usually a protocol error
error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol
(external/openssl/ssl/s23_clnt.c:714 0x5fda0d74:0x00000000)
我尝试使用Postman做同样的请求,他们在同一地址上工作没有任何问题,所以这不是服务器问题。我试图使用各种域名--example.tech,www.example.tech,example.tech:80等等(当然总是用https)。
I tried to do pretty much same requests using Postman and they work on same address without any problem, so this is not server problem. I tried to use various domains - example.tech, www.example.tech, example.tech:80 and so on (always with https of course).
下面是示例curl-like请求(当然是审查):
Below is example curl-like request (of course censored):
curl request: curl -X "POST"
-D "grant_type=password&password=[passwordHere]&username=[emailHere]&"
-H 'Authorization: Basic [tokenHere]
"https://example.tech/oauth/token"
我没有看到我的代码出了什么问题,我很高兴看到我在这里做错了什么。如果还需要更多代码,请随意提问(但99%的代码就像在第二个链接中,只有很小的变化)。
I fail to see what's wrong with my code and I'd be really happy to see what I am doing wrong in here. If there's any more code needed, feel free to ask for it (but 99% of it is like in second link, only with really small changes).
推荐答案
将此主题视为糟糕通信的示例。经过几个小时的尝试,我们开始工作:
Consider this topic as example of poor comunication. After hours of trying to make this work we made to work:
- 我们不使用自签名证书,因此向应用程序添加密钥是个糟糕的主意(因为它们每3个月更换一次)
- 不支持的协议异常来自旧的Android API(< 20或< 21),这些API在此应用程序中受支持。从我的理解(考虑到我对SSL连接的了解不足)我们的网站使用TLS,但是较旧的Android系统(我猜之前的Lollipop)默认关闭。解决这个问题的正确方法是创建自定义TLSSocketFactory并在HurlStack中使用它来初始化RequestQueue。在那个异常消失之后。
这篇关于排球库和HTTPS请求的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!