Mutual authentication Android and Tomcat


Question

I want to set up mutual auth for my app and server. I followed these steps:

1) Create a certificate and keystore for the Tomcat server (tomcat.keystore)
2) Create a certificate for the client
3) Import the client certificate into the server keystore
4) Create a BKS keystore for Android (smartssl.bks)
5) Import the server and client certificates into the Android keystore

Now I configure Tomcat with:

<Connector SSLEnabled="true" clientAuth="true"
            keystoreFile="/home/antonio/Documenti/keystore/tomcat.keystore"
            keystorePass="pass" maxThreads="150" port="8443" scheme="https"
            secure="true" sslProtocol="TLS"
            truststoreFile="/home/antonio/Documenti/keystore/tomcat.keystore"
            truststorePass="pass" />

And in the Android app I use the Volley framework like this:

InputStream keyStore = getResources().openRawResource(R.raw.smartssl);

// Usually getting the request queue shall be in singleton like in {@see Act_SimpleRequest}
// Current approach is used just for brevity
RequestQueue queue = Volley.newRequestQueue(Act_SsSslHttpClient.this,
        new ExtHttpClientStack(new SslHttpClient(keyStore, "pass", 443)));

StringRequest myReq = new StringRequest(Method.GET,
        "https://192.168.1.4:8443/REST/app/generali/getA",
        createMyReqSuccessListener(),
        createMyReqErrorListener()) {
    @Override
    public Map<String, String> getHeaders() throws AuthFailureError {
        return createBasicAuthHeader("user", "strongpassword");
    }
};

queue.add(myReq);

With this config, I get this error:

no peer certificate 

If I try to change the Tomcat configuration to this:

clientAuth="false"

it works, so is the problem in the BKS file? Or where?

Recommended answer

I solved it by putting the keystore and the truststore in the app, in BKS.

Here is a guide to creating a self-signed certificate:

Create self-signed certificates for client and server: http://callistaenterprise.se/blogg/teknik/2011/11/24/creating-self-signed-certificates-for-use-on-android/

And here is the example class for mutual auth with Volley:

Example class for mutual authentication TLS/SSL: https://github.com/balduzzi85/android_volley_examples/blob/master/src/com/github/volley_examples/Act_AuthSsSslHttpClient.java

SSLSocket class: https://github.com/balduzzi85/android_volley_examples/blob/master/src/com/github/volley_examples/toolbox/SslSocketFactory.java
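
The fix described in the answer, as an added example that is not part of the original post or the linked repository: a socket factory built with the standard javax.net.ssl classes from two separate BKS stores, one holding the client's private key and one holding the server certificate to trust. The class name is hypothetical, and the code assumes the key password equals the keystore password.

```java
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.Collections;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

// Added example (hypothetical class name), not code from the linked repository.
public final class MutualTlsSocketFactory {
    private MutualTlsSocketFactory() {}

    // "BKS" is available on Android; a desktop JVM needs the Bouncy Castle provider.
    private static KeyStore loadBks(InputStream in, char[] password)
            throws GeneralSecurityException, IOException {
        KeyStore store = KeyStore.getInstance("BKS");
        try (InputStream stream = in) {
            store.load(stream, password);
        }
        return store;
    }

    public static SSLSocketFactory create(InputStream keyStoreIn, char[] keyStorePass,
                                          InputStream trustStoreIn, char[] trustStorePass)
            throws GeneralSecurityException, IOException {
        // Keystore: the client's private key and certificate chain, presented
        // when the server requests a client certificate (clientAuth="true").
        KeyStore keyStore = loadBks(keyStoreIn, keyStorePass);
        boolean hasPrivateKey = false;
        for (String alias : Collections.list(keyStore.aliases())) {
            hasPrivateKey |= keyStore.isKeyEntry(alias);
        }
        if (!hasPrivateKey) {
            // A store holding only imported certificates cannot authenticate the client.
            throw new GeneralSecurityException("client keystore has no private key entry");
        }
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, keyStorePass); // assumes key password == store password

        // Truststore: only the server (or CA) certificate the app should accept.
        KeyStore trustStore = loadBks(trustStoreIn, trustStorePass);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);

        SSLContext context = SSLContext.getInstance("TLS");
        context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return context.getSocketFactory();
    }
}
```

The returned factory can be handed to `HttpsURLConnection.setSSLSocketFactory` or to Volley's `HurlStack(UrlRewriter, SSLSocketFactory)` constructor.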
