主机名在Lollipop设备中不匹配,但在邮递员和棉花糖设备中可以正常使用 [英] Hostname does not match in Lollipop devices but works fine in Postman and marshmallow devices
问题描述
最近SSL证书已添加到服务器,因此我已将Android中的网址从 http://appname.com 到 https://www.appname.com 上,这在棉花糖设备和Postman上工作正常,但在棒棒糖设备抛出javax.net.ssl.SSLException:证书中的主机名不匹配:www.appname.com!= www.companyname.com或www.companyname.com或companyname.com
Recently SSL certificates were added to the server, so I have changed the url in android from http://appname.com to https://www.appname.com , this works fine on marshmallow devices and Postman, but on Lollipop devices throws javax.net.ssl.SSLException: hostname in certificate didn't match: www.appname.com != www.companyname.com OR www.companyname.com OR companyname.com
我尝试在setHostnameVerifier中添加companyname.com,但没有帮助.这是代码:
I have tried adding the companyname.com in setHostnameVerifier but it did not help. here is the code:
HashMap<String, String> postDataParams=new HashMap<>();
postDataParams.put("u_phone",CN);
postDataParams.put("u_code",st);
postDataParams.put("device_flag",mob_device);
postDataParams.put("app_type","PRO");
HostnameVerifier hostnameVerifier = new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
HostnameVerifier hv =
HttpsURLConnection.getDefaultHostnameVerifier();
return hv.verify("companyname.com", session);
}
};
try{
URL url = new URL("https://www.appname.com/sync/validatecheck.php");
HttpsURLConnection urlConnection =
(HttpsURLConnection)url.openConnection();
//urlConnection.setHostnameVerifier(hostnameVerifier);
urlConnection.setReadTimeout(10000);
urlConnection.setConnectTimeout(15000);
urlConnection.setRequestMethod("POST");
urlConnection.setDoInput(true);
urlConnection.setDoOutput(true);
OutputStream os = urlConnection.getOutputStream();
BufferedWriter writer = new BufferedWriter(
new OutputStreamWriter(os, "UTF-8"));
writer.write(getPostDataString(postDataParams));
writer.flush();
writer.close();
os.close();
int responseCode=urlConnection.getResponseCode();
if (responseCode == HttpsURLConnection.HTTP_OK) {
String line;
BufferedReader br=new BufferedReader(new InputStreamReader(urlConnection.getInputStream()));
while ((line=br.readLine()) != null) {
result+=line;
}
}
else {
result="";
}
} catch (Exception e) {
Log.e("log_tag", "Error in http connection "+e.toString());
}
这里可能是什么问题?以及如何解决这个问题?
What might be the issue here? and how to solve this?
推荐答案
该错误表示已向其颁发证书的主机名(主题中的CN字段)与服务器名称不匹配.
The error means that the hostname to which the certificate has been issued (CN field in subject) does not match with the server name.
如果使用URL https://www.appname.com
,则应将证书颁发给www.appname.com
或*.appname.com
.证书的主机名是appname.com
,那么错误是正确的,您可以使用https://appname.com
,但不能使用https://www.appname.com.
If you are using the URL https://www.appname.com
then the certificate should be issued to www.appname.com
or *.appname.com
. It hostname of the certificate is appname.com
then error is correct and you can use https://appname.com
but not https://www.appname.com.
在https://appname.com
中部署服务器,为www.appname.com
颁发新证书或将HostnameVerifier
设置为允许www.appname.com
Deploy your server in https://appname.com
, issue a new certificate for www.appname.com
or set a HostnameVerifier
to allow www.appname.com
这篇关于主机名在Lollipop设备中不匹配,但在邮递员和棉花糖设备中可以正常使用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!