如何访问一个SSL连接通过Android的? [英] How Can I Access an SSL Connection Through Android?
问题描述
我开始关注,这不是针对Android套管的教程,并得到这样的:
System.setProperty(javax.net.ssl.trustStore中,信任库);
System.setProperty(javax.net.ssl.trustStorePassword中,密码);
SSLSocketFactory的SSF =(的SSLSocketFactory)SSLSocketFactory.getDefault();
尝试 {
插座S = ssf.createSocket(192.168.2.11,6543);
PrintWriter的输出=的新PrintWriter(s.getOutputStream());
而(真){
通过out.println(SSL TEST);
Log.d(DATADATA SENT);
}
}赶上(UnknownHostException异常E){
// TODO自动生成的catch块
e.printStackTrace();
}赶上(IOException异常E){
// TODO自动生成的catch块
e.printStackTrace();
}
我想这可以归结为几个问题:
-
我没有我自己的信任存储区中创建的,而是通过教程和搜索的东西在网上,我不知道如何创建一个。有没有一种方法,我可以创建或修改信任存储有我需要在它的证书? (我使用的是自签名证书,如果有什么差别)
-
我如何把事情的SSL握手平稳运行?现在,我得到的错误是:
javax.net.ssl.SSLHandshakeException:java.security.cert.CertPathValidatorException:认证路径信任锚没有找到。
老实说,我真的不明白是什么意思。
-
哪些设置或文件,我需要我的Android设备上进行修改,以确保这方面会发生?
1),这要看情况。你有没有在服务器端的自签名的证书和你想验证你的身份到Android设备?或者是你在Android端试图验证您的idendity到服务器?如果是前者,那么请参阅此链接:<一href="http://www.$c$cproject.com/KB/android/SSLVerification_Android.aspx?display=Mobile">http://www.$c$cproject.com/KB/android/SSLVerification_Android.aspx?display=Mobile
您要特别注意的地方,使密钥存储文件。
2)你得到这个错误的原因是因为它不信任你所连接的服务器或者是因为你没有正确地创建信任库或您连接到服务器的证书尚未添加到信任。究竟是什么你试图连接?
3)请确保您有&LT;使用-权限的Android:名称=android.permission.INTERNET对/&GT; 在manifest.xml
修改 我的道歉,请参阅我的第一款所做的更改。
下面是部分初始化密钥库和信任
的SSL连接的SSL连接= SSLContext.getDefault();
密钥库trustSt = KeyStore.getInstance(BKS);
的TrustManagerFactory的TrustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
InputStream的trustStoreStream = this.getResources()openRawResource(R.raw.truststore)。
trustSt.load(trustStoreStream,&其中;你的密码&gt;中。toCharArray());
trustManagerFactory.init(trustStre);
密钥库的keyStore = KeyStore.getInstance(BKS);
的KeyManagerFactory的KeyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
InputStream的keyStoreStream = this.getResources()openRawResource(R.raw.keystore)。
keyStore.load(keyStoreStream,&其中;你的密码&gt;中。toCharArray());
keyManagerFactory.init(密钥库&LT;你的密码&gt;中。toCharArray());
sslContext.init(keyManagerFactory.getKeyManagers(),trustManagerFactory.getTrustManagers(),NULL);
I started following a tutorial that wasn't cased around Android and got this:
System.setProperty("javax.net.ssl.trustStore", "truststore");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory.getDefault();
try {
Socket s = ssf.createSocket("192.168.2.11", 6543);
PrintWriter out = new PrintWriter(s.getOutputStream());
while (true){
out.println("SSL TEST");
Log.d("DATA", "DATA SENT");
}
} catch (UnknownHostException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
I guess this boils down to a few questions:
I do not have my own trust store created, but searching through tutorials and things online, I am not sure how to create one. Is there a way I can create or modify a trust store to have the certificates I need in it? (I am using a self-signed certificate if that makes any difference)
How do I make things with the SSL handshake run smoothly? Right now, the error I am getting is:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
Honestly, I don't really understand what that means.
What settings or files do I need to modify on my Android device to make sure this connection can happen?
1) It depends. Do you have a self signed cert on the server side and you are trying to validate your identity to the android device? Or are you on the android side trying to validate your idendity to the server? If it is the former , then please see this link: http://www.codeproject.com/KB/android/SSLVerification_Android.aspx?display=Mobile
You want to pay particular attention to where it makes the KeyStore file.
2) The reason you're getting that error is because it doesn't trust the server you are connecting either because you did not create the truststore correctly or you are connecting to a server whose certificate has not been added to the truststore. What exactly are you trying to connect to?
3) Make sure you have the <uses-permission android:name="android.permission.INTERNET" /> in the manifest.xml.
Edit My apologies, please see the changes I made to the first paragraph.
Here is the part to initialize your keystore and truststore
SSLcontext sslContext = SSLContext.getDefault();
KeyStore trustSt = KeyStore.getInstance("BKS");
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
InputStream trustStoreStream = this.getResources().openRawResource(R.raw.truststore);
trustSt.load(trustStoreStream, "<yourpassword>".toCharArray());
trustManagerFactory.init(trustStre);
KeyStore keyStore = KeyStore.getInstance("BKS");
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
InputStream keyStoreStream = this.getResources().openRawResource(R.raw.keystore);
keyStore.load(keyStoreStream, "<yourpassword>".toCharArray());
keyManagerFactory.init(keyStore, "<yourpassword>".toCharArray());
sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
这篇关于如何访问一个SSL连接通过Android的?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
