找不到 Android SSL 连接的信任锚 [英] Trust Anchor not found for Android SSL Connection

问题描述

我正在尝试连接到运行 Godaddy 256 位 SSL 证书的 IIS6 设备，但出现错误:

I am trying to connect to an IIS6 box running a godaddy 256bit SSL cert, and I am getting the error :

java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

一直在试图确定可能导致这种情况的原因，但现在正在绘制空白.

Been trying to determine what could be causing that, but drawing blanks right now.

这是我的连接方式:

HttpsURLConnection conn;              
conn = (HttpsURLConnection) (new URL(mURL)).openConnection();
conn.setConnectTimeout(20000);
conn.setDoInput(true);
conn.setDoOutput(true);
conn.connect();
String tempString = toString(conn.getInputStream());

推荐答案

@Chrispix 的解决方案很危险！信任所有证书允许任何人进行中间人攻击！只需将任何证书发送给客户端，它就会接受它！

The solution of @Chrispix is dangerous! Trusting all certificates allows anybody to do a man in the middle attack! Just send ANY certificate to the client and it will accept it!

将您的证书添加到自定义信任管理器，如本文所述:通过 HTTPS 使用 HttpClient 信任所有证书

Add your certificate(s) to a custom trust manager like described in this post: Trusting all certificates using HttpClient over HTTPS

虽然使用自定义证书建立安全连接稍微复杂一些，但它会给你带来你想要的ssl加密安全，没有中间人攻击的危险！

Although it is a bit more complex to establish a secure connection with a custom certificate, it will bring you the wanted ssl encryption security without the danger of man in the middle attack!

这篇关于找不到 Android SSL 连接的信任锚的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！