找不到 Android SSL 连接的信任锚 [英] Trust Anchor not found for Android SSL Connection
问题描述
我正在尝试连接到运行 Godaddy 256 位 SSL 证书的 IIS6 设备,但出现错误:
I am trying to connect to an IIS6 box running a godaddy 256bit SSL cert, and I am getting the error :
java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
一直在试图确定可能导致这种情况的原因,但现在正在绘制空白.
Been trying to determine what could be causing that, but drawing blanks right now.
这是我的连接方式:
HttpsURLConnection conn;
conn = (HttpsURLConnection) (new URL(mURL)).openConnection();
conn.setConnectTimeout(20000);
conn.setDoInput(true);
conn.setDoOutput(true);
conn.connect();
String tempString = toString(conn.getInputStream());
推荐答案
@Chrispix 的解决方案很危险!信任所有证书允许任何人进行中间人攻击!只需将任何证书发送给客户端,它就会接受它!
The solution of @Chrispix is dangerous! Trusting all certificates allows anybody to do a man in the middle attack! Just send ANY certificate to the client and it will accept it!
将您的证书添加到自定义信任管理器,如本文所述:通过 HTTPS 使用 HttpClient 信任所有证书
Add your certificate(s) to a custom trust manager like described in this post: Trusting all certificates using HttpClient over HTTPS
虽然使用自定义证书建立安全连接稍微复杂一些,但它会给你带来你想要的ssl加密安全,没有中间人攻击的危险!
Although it is a bit more complex to establish a secure connection with a custom certificate, it will bring you the wanted ssl encryption security without the danger of man in the middle attack!
这篇关于找不到 Android SSL 连接的信任锚的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!