相互认证的Android和Tomcat [英] Mutual authentication Android and Tomcat
问题描述
我想为我的应用程序和服务器相互验证。
我按照此步骤:
i want to make a mutual auth for my app and server. I follow this step:
1)创建certf。和密钥库服务器的tomcat(tomcat.keystore)
1) Create a certf. and keystore for the server tomcat (tomcat.keystore)
2)创建certf。客户端
2) Create a certf. for the client
3)导入客户certf。进入服务器密钥库
3) Import client certf. into server keystore
4)创建为Android(smartssl.bks一个BKS密钥库)
4) Create a bks keystore for Android (smartssl.bks)
5)进口certf。服务器和客户端密钥库成Android版
5) Import certf. server and client into keystore Android
现在我配置Tomcat有:
Now i configure Tomcat with:
<Connector SSLEnabled="true" clientAuth="true"
keystoreFile="/home/antonio/Documenti/keystore/tomcat.keystore"
keystorePass="pass" maxThreads="150" port="8443" scheme="https"
secure="true" sslProtocol="TLS"
truststoreFile="/home/antonio/Documenti/keystore/tomcat.keystore"
truststorePass="pass" />
而在Android应用程序,我用这样的凌空框架:
And in the Android app i use Volley framework like that:
InputStream keyStore = getResources().openRawResource(R.raw.smartssl);
// Usually getting the request queue shall be in singleton like in {@see Act_SimpleRequest}
// Current approach is used just for brevity
RequestQueue queue = Volley
.newRequestQueue(Act_SsSslHttpClient.this,
new ExtHttpClientStack(new SslHttpClient(keyStore, "pass", 443)));
StringRequest myReq = new StringRequest(Method.GET,
"https://192.168.1.4:8443/REST/app/generali/getA",
createMyReqSuccessListener(),
createMyReqErrorListener()){
@Override
public Map<String, String> getHeaders() throws AuthFailureError {
return createBasicAuthHeader("user", "strongpassword");
}};
queue.add(myReq);
}
});
使用这个配置。我有这个错误:
With this config. i have this error:
no peer certificate
如果我试图改变这个Tomcat的配置:
If i try to change Tomcat configuration with this:
clientAuth="false"
工作,所以这个问题是在BKS文件?或在哪里?
works, so the problem is in the bks file? or where?
推荐答案
我解决放在应用程序中的密钥库和信任库中BKS。
I solve with put in the app the Keystore and the Truststore in BKS.
在这里有一个指导创建自证书:
Here there is a guide to create a self certificate:
<一个href=\"http://callistaenterprise.se/blogg/teknik/2011/11/24/creating-self-signed-certificates-for-use-on-android/\"相对=nofollow>创建客户端和服务器的自证
而这里是与排球相互验证类例如:
And here there is the class example for mutual auth with Volley:
<一个href=\"https://github.com/balduzzi85/android_volley_examples/blob/master/src/com/github/volley_examples/Act_AuthSsSslHttpClient.java\"相对=nofollow>例类相互验证TLS / SSL
<一个href=\"https://github.com/balduzzi85/android_volley_examples/blob/master/src/com/github/volley_examples/toolbox/SslSocketFactory.java\"相对=nofollow>类SSLSocket的
这篇关于相互认证的Android和Tomcat的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!