java.security.cert.CertPathValidatorException:找不到证书路径的信任锚.在api上少24 [英] java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. on api less 24
问题描述
com.android.volley.NoConnectionError: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
我从19到24在api上的logcat中遇到此错误,并且在我的应用程序中没有从服务器加载数据,我搜索了该错误并发现
I got this error in logcat on api from 19 to 24 and there is no data loading from the server in my app I searched about that error and find that solution
@SuppressLint("TrulyRandom")
public static void handleSSLHandshake() {
try {
TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
}};
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
} catch (Exception ignored) {
}
}
并在我的应用程序类onCreate中调用它,这解决了我的问题,但是在该答案中,如果找到该解决方案,则会出现
and call it in my application class onCreate and that's solved my problem but in that answer which if find that solution there is a hint This code is not relevant and shouldn't be used! it is forbidden by Google.
所以有人知道Google针对该错误提供的替代解决方案是什么?
so anyone knows what's the alternative solution allowed by google for that error?
推荐答案
首先,您需要生成证书文件,这是步骤
first you will need to generate your certificate file and here is the steps
-
在Firefox浏览器上转到您的网站链接
go to your website link on Firefox browser
单击网站链接右侧的绿色锁
click on the green lock on the right of website link
单击更多信息,然后查看证书
click on more info then view certificate
将出现一个新窗口,其中包含两次常规和详细信息 选择详细信息
a new window will appear with two taps general and details choose details
单击导出"以导出证书并保存此文件 在android项目资产中.
click on export to export your certificate and save this file in android project assets.
在项目应用程序类中的第二秒定义hurlStack变量,并在应用程序的OnCreate方法中使用下一个方法
second in you project application class define hurlStack variable and use the next method in application OnCreate Method
private void handleCertificationOnOlderDevices() {
try {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream caInput = new
BufferedInputStream(getAssets().open("porter_cert.crt"));
Certificate ca;
try {
ca = cf.generateCertificate(caInput);
Log.d("certificate", ((X509Certificate) ca).getSubjectDN().toString());
} finally {
caInput.close();
}
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
keyStore.setCertificateEntry("ca", ca);
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
TrustManager[] trustManagers = tmf.getTrustManagers();
final X509TrustManager origTrustmanager =
(X509TrustManager) trustManagers[0];
TrustManager[] wrappedTrustManagers = new TrustManager[]{
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return origTrustmanager.getAcceptedIssuers();
}
public void checkClientTrusted(X509Certificate[] certs,
String authType)
{
try {
origTrustmanager.checkClientTrusted(certs, authType);
} catch (CertificateException e) {
e.printStackTrace();
}
}
public void checkServerTrusted(X509Certificate[] certs,
String authType)
{
try {
origTrustmanager.checkServerTrusted(certs, authType);
} catch (CertificateException e) {
e.printStackTrace();
}
}
}
};
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
SSLSocketFactory sslSocketFactory = context.getSocketFactory();
hurlStack = new HurlStack(null, sslSocketFactory);
} catch (Exception e) {
e.printStackTrace();
}
}
并在齐射requestQueue上使用hurlStack
and on volley requestQueue use hurlStack
public RequestQueue getRequestQueue() {
if (requestQueue == null)
requestQueue = Volley.newRequestQueue(getApplicationContext(),
hurlStack);
return requestQueue;
}
如果您将Glide用于图像,则会发生第三次错误,即与滑动相关的ssl证书出现第二个错误,您需要通过这种方式解决它
third if you use Glide for images you will got a second error with ssl certificate related to glide and you will need to solve it by this way
1-在应用程序中更新,将您的gilde和okhttp3构建为这些版本
1 - update in app build your gilde and okhttp3 to these version
implementation "com.squareup.okhttp3:okhttp:3.8.1"
implementation 'com.github.bumptech.glide:glide:4.9.0'
annotationProcessor 'com.github.bumptech.glide:compiler:4.9.0'
implementation ('com.github.bumptech.glide:okhttp3-integration:4.9.0'){
exclude group: 'glide-parent'
}
2-将下一个类添加到您的项目中
2 - add the next class to your project
@GlideModule
public class CustomGlideModule extends AppGlideModule {
@Override
public void registerComponents(Context context, Glide glide,
Registryregistry) {
if (Build.VERSION.SDK_INT <= Build.VERSION_CODES.N) {
OkHttpClient client =
SafeOkHttpClient.getSafeOkHttpClient(context);
OkHttpUrlLoader.Factory factory = new
OkHttpUrlLoader.Factory(client);
glide.getRegistry().replace(GlideUrl.class, InputStream.class,
factory);
}
}
}
现在滑行可以很好地配合您.
and now glide will work fine with you.
这篇关于java.security.cert.CertPathValidatorException:找不到证书路径的信任锚.在api上少24的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
