接收及放大器;从服务器HTTPS验证证书 - 机器人 [英] Receive & Validate certificate from server HTTPS - android
问题描述
我从我的Android客户端通过HTTPS调用Web服务。我得到了验证,从服务器端的证书领取。我怎么做 ?在present这是我的,我用它来调用Web服务code。
I am calling web service from my android client via https. I got to validate the certificate receive from server side. How do I do that ? At present this is my code that I use to call a web service.
private static String SendPost(String url, ArrayList<NameValuePair> pairs) { // url = "https://....."
errorMessage = "";
String response = "";
DefaultHttpClient hc=new DefaultHttpClient();
ResponseHandler <String> res=new BasicResponseHandler();
HttpPost postMethod=new HttpPost(url);
try {
postMethod.setEntity(new UrlEncodedFormEntity(pairs));
response = hc.execute(postMethod, res);
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (ClientProtocolException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
return response;
}
我如何验证完成后在从服务器接收到一个自签名的证书?我得到了通过公共/私有密钥做测试。客户端将有一个的CA文件。 Ijust需要在客户端为了验证能使用CA的服务器证书,服务是公。这必须与公共/专用密钥。我怎样才能调用后之前接收来自服务器的证书?
How do I validate a self-signed certificate received from server during performing Post ? I got to do testing via public/private keys. Client will have a CA file. Ijust need the client to verify the server certificate using the CA, the service is public .This has to do with public/private key. How can I receive the certificate from the server before calling the post ?
他们有几个选项和$ C,适用于计算器$ C片段。几个环节,我发现多个答案是: <一href="http://stackoverflow.com/questions/2012497/accepting-a-certificate-for-https-on-android">Accepting在Android 的HTTPS证书 http://stackoverflow.com/questions/3761737/https-get-ssl-with-android-and-self-signed-server-certificate
Their are several options and code snippets available on stackoverflow. Couple of links I found with multiple answers is : Accepting a certificate for HTTPs on Android http://stackoverflow.com/questions/3761737/https-get-ssl-with-android-and-self-signed-server-certificate
但我不能做出来这是个好/适用于我!我不想禁用所有或接受任何。要检查公共/私人密钥/
But I can't make out which is good/applicable for me ! I don't want to disable all or accept any. Have to check the public/private keys/
任何帮助是非常AP preciated。
Any help is highly appreciated.
推荐答案
鲍勃·李写了有关如何使用SSL证书与Android一个不错的博客文章。我认为这是适用于您的情况:的http://博客。 crazybob.org/2010/02/android-trusting-ssl-certificates.html
Bob Lee wrote a nice blog post on how using SSL certificates with Android. I think it is applicable to your case: http://blog.crazybob.org/2010/02/android-trusting-ssl-certificates.html
您只需要创建一个密钥库
包含您的自签名证书,并使用的HttpClient
实施中描述的自定义这个职务。
You just have to create a KeyStore
containing your self-signed certificate and use the custom HttpClient
implementation described in that post.
更新:
主机名验证可以通过<一个被customizez href="http://developer.android.com/reference/org/apache/http/conn/ssl/SSLSocketFactory.html#setHostnameVerifier%28org.apache.http.conn.ssl.X509HostnameVerifier%29"相对=nofollow>设置自定义 X509HostnameVerifier
上的 SSLSocketFactory的
。某些实现在机器人已经可以: AllowAllHostnameVerifier
, BrowserCompatHostnameVerifier
, StrictHostnameVerifier
Host name validation can be customizez by setting a custom X509HostnameVerifier
on the SSLSocketFactory
. Some implementations are already available in android: AllowAllHostnameVerifier
, BrowserCompatHostnameVerifier
, StrictHostnameVerifier
/* ... */
public class MyHostnameVerifier extends AbstractVerifier {
boolean verify(String hostname, SSLSession session) {
X509Certificate[] chain = session.getPeerCertificateChain();
/* made some checks... */
return checked;
}
}
sslSocketFactory.setHostnameVerifier(new MyHostnameVerifier());
这篇关于接收及放大器;从服务器HTTPS验证证书 - 机器人的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!