使用SSL Android应用 [英] Android application with SSL
问题描述
我知道这个特定的主题被问了很多次,但遗憾的是我对他们的情况下,没有在工作。对于过去的几天里,我试图得到它的功能状态,但我每次都失败,所以我终于来这里问。
I know that this particular topic was asked many times, but unfortunately in my case none of them are working. For past few days I was trying to get it to functional state, but I failed every time, so I finally come here to ask.
我有使用自签名证书服务器web服务。如果我输入地址到我的浏览器可以访问WSDL文件。浏览器只是提醒我,有一些问题与证书。如果我继续打,一切正常。可悲的是我不是很了解SSL,因为它第一次我做了SSL通信的应用程序。在实际应用中,我会只得到异常没有同行证书或信任锚未找到路径依赖于类型的解决方案我使用。
I have a webservice on server with self-signed certificate. I can access wsdl file if I enter address into browser. Browser just remind me, that there is some issues with cert. and if I hit continue, everything works. Sadly I know very little about SSL, because its first time I made an application with SSL communication. In application I'll only get exception "No peer certificate" or "Trust anchor path not found" depends on type of "solution" I used.
我跑sslhopper.com测试,我得到一个警告,该证书是不是在所有的网络浏览器信任。您可能需要安装一个中级/链证书链接到受信任的根证书。这是Android开发的一个严重问题,也可通过一些code解决?
I ran test on sslhopper.com and I get a warning that "The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate." Is this a serious issue in Android development or it could be resolved by some code?
所以我的问题其实是,我怎么能在应用程序凑合撞继续按钮或任何东西,使之能连接到服务器。在这种情况下,它是与证书本身还是我做错了什么应用程序本身的问题?
So my question is actually, how can I do in application make "hit the continue button" or anything to make it actually connected to the server. In this case is it problem with certificate itself or am I doing something wrong on the application itself?
推荐答案
如果你正在尝试做的客户端身份验证,需要两样东西:
If you are trying to do client authentication, you need two things:
- 颁发服务器证书的CA证书
- 为您的应用客户端证书。
您必须把信任存储区1和2中的密钥库为您的应用程序。样品code期望一个PCKS#12密钥库,你有吗?哪些文件你被赋予了?在这一点上它可能是很好的阅读JSSE参考,所以你有一个想法,该系统是如何工作的:
You have to put 1. in the trust store and 2. in the keystore for your app. The sample code expects a PCKS#12 as the keystore, do you have one? What files have you been given? At this point it might be good to read the JSSE reference so you have an idea how the system works:
的http://docs.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html
这篇关于使用SSL Android应用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
