如何避免获得“无对等证书"?在 Android 上连接到此 HTTPS 站点时出错? [英] How do I avoid getting "No peer certificate" error when connecting to this HTTPS site on Android?
问题描述
我正在开发一个需要访问 QuickPay 服务的 Android 应用程序 ("https://secure.quickpay.dk/form") 通过 Http 客户端.但是我在访问页面时不断收到错误消息.更具体地说,我收到无对等证书"错误消息.我已经尝试了几种不同的方法:我尝试将根证书添加到我的密钥库,并在连接时使用此密钥库,按照以下过程:将证书添加到密钥库.我也尝试接受所有证书,按照这里提出的方法:accepting certificate for android.我已成功连接到其他 https 站点,但似乎无法连接到此站点.我尝试过不同的 Android 设备(1.6、2.2 和 2.3.3).任何人都可以成功连接到 quickpay 的网站,或者任何人都可以提出可能的解决方案/修复方法吗?
I am developing an Android application which needs to access QuickPay's service ("https://secure.quickpay.dk/form") through an Http-client. But I keep getting errors when accessing the page. More specifically I get a "No Peer Certificate" error message. I tried several different things already: I tried adding the root certificate to my keystore, and to use this keystore when connecting, following this procedure: adding certificate to keystore. I also tried accepting all certificates, following the proposed method from here: accepting certificate for android. I have successfully connected to other https sites, but can not seem to connect to this one. I have tried on different Android devices (1.6, 2.2, and 2.3.3). Can anyone succeed in connecting to quickpay's site, or can anyone come up with a possible solution/fix?
//更新:如果我使用 WebView 访问此站点:付款窗口示例,然后按其中一个按钮(基本上只是启动带有一些预定义变量的 http 帖子),我可以在 Android 2.3.3 上的 web 视图中连接到该站点.此外,我发现如果我尝试在 Android 3.1 上启动上述应用程序,我会收到来自该站点的回复!有什么建议吗?
//Update: If I access this site with my WebView: payment window examples, and press one of the buttons (which basically just launches a http post with some pre-defined variables) I am able to connect to the site in the webview on Android 2.3.3. Furthermore, I found out that I get a reply from the site if I try to launch the above application on Android 3.1! Any suggestions?
public class MyHttpClient extends DefaultHttpClient {
final Context context;
public MyHttpClient(Context context) {
this.context = context;
loadHttps();
}
private void loadHttps() {
String url = "https://secure.quickpay.dk/form";
HttpPost httpPost = new HttpPost(url);
try {
System.out.println("Executing");
this.execute(httpPost);
} catch (UnsupportedEncodingException e) {
System.out.println(e.getMessage());
} catch (ClientProtocolException e) {
System.out.println(e.getMessage());
} catch (IOException e) {
System.out.println(e);
}
}
@Override
protected ClientConnectionManager createClientConnectionManager() {
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", newSslSocketFactory(), 443));
return new SingleClientConnManager(getParams(), registry);
}
private SSLSocketFactory newSslSocketFactory() {
try {
KeyStore trusted = KeyStore.getInstance("BKS");
InputStream in = context.getResources().openRawResource(R.raw.test);
try {
trusted.load(in, "mysecret".toCharArray());
} finally {
in.close();
}
SSLSocketFactory sf = new SSLSocketFactory(trusted);
return sf;
} catch (Exception e) {
throw new AssertionError(e);
}
}
}
堆栈跟踪:
WARN/System.err(8459) at org.apache.harmony.xnet.provider.jsse.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java 258)
WARN/System.err(8459) at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java 93)
WARN/System.err(8459) at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java 381)
WARN/System.err(8459) at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java 177)
WARN/System.err(8459) at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java 164)
WARN/System.err(8459) at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java 119)
WARN/System.err(8459) at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java 359)
WARN/System.err(8459) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java 555)
WARN/System.err(8459) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java 487)
WARN/System.err(8459) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java 465)
WARN/System.err(8459) at test.https.MyHttpClient.loadHttps(MyHttpClient.java 34)
WARN/System.err(8459) at test.https.MyHttpClient.<init>(MyHttpClient.java 26)
WARN/System.err(8459) at test.https.HttpsTesterActivity.onCreate(HttpsTesterActivity.java 60)
WARN/System.err(8459) at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java 1047)
WARN/System.err(8459) at android.app.ActivityThread.performLaunchActivity(ActivityThread.java 1615)
WARN/System.err(8459) at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java 1667)
WARN/System.err(8459) at android.app.ActivityThread.access$1500(ActivityThread.java 117)
WARN/System.err(8459) at android.app.ActivityThread$H.handleMessage(ActivityThread.java 935)
WARN/System.err(8459) at android.os.Handler.dispatchMessage(Handler.java 99)
WARN/System.err(8459) at android.os.Looper.loop(Looper.java 123)
WARN/System.err(8459) at android.app.ActivityThread.main(ActivityThread.java 3687)
WARN/System.err(8459) at java.lang.reflect.Method.invokeNative(Native Method)
WARN/System.err(8459) at java.lang.reflect.Method.invoke(Method.java 507)
WARN/System.err(8459) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java 842)
WARN/System.err(8459) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java 600)
推荐答案
总结一下,我通过坚持 WebView 方法解决了这个问题.与 API 的交互转移到服务器,创建一个处理证书问题的中间通信点.不是最优雅的解决方案,但它有效:)
Just to sum up, I fixed this issue by sticking to the WebView approach. The interaction with the API was moved to a server, creating an intermediate communication point which handles the certificate issues. Not the most elegant solution but it works :)
这篇关于如何避免获得“无对等证书"?在 Android 上连接到此 HTTPS 站点时出错?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
