java.io.IOException异常:主机名未验证 [英] java.io.IOException: Hostname was not verified
问题描述
我想从我的Android应用程序连接到一个URL中的Andorid版本4.1.1,而我得到了我的问题的标题指出的错误,但是当我试图从版本的Andorid 4.0连接相同的URL。 4或3.1,一切工作正常。
在code片段:
尝试{
。
。
。
网址URL =新的URL(urlStr);
Log.i(TAG,[URL]+ urlStr);
HttpURLConnection的康恩=(HttpURLConnection类)url.openConnection();
INT大小= conn.getContentLength();
INT响应code = conn.getResponse code();
Log.d(TAG,响应code:+响应code);
。
。
。
}赶上(例外五){
e.printStackTrace();
}
私有静态无效trustAllHosts(){
的TrustManager [] trustAllCerts =新的TrustManager [] {新X509TrustManager(){
公共java.security.cert.X509Certificate [] getAcceptedIssuers(){
返回新java.security.cert.X509Certificate [] {};
}
公共无效checkClientTrusted(x509证书[]链,
字符串的authType)抛出CertificateException {
}
公共无效checkServerTrusted(x509证书[]链,
字符串的authType)抛出CertificateException {
}
}};
尝试 {
的SSLContext SC = SSLContext.getInstance(TLS);
sc.init(NULL,trustAllCerts,新java.security.SecureRandom中的());
HttpsURLConnection
.setDefaultSSLSocketFactory(sc.getSocketFactory());
}赶上(例外五){
的System.out.println(IOException异常:HTTPSRequest :: trustAllHosts);
e.printStackTrace();
}
}
但在这里我清楚的一件事是,也许证书是自签名证书,不包括他们在密钥库中。
我不明白为什么这excepton occure只能在Android的Verison 4.1.1操作系统 谢谢你。
FULL堆栈跟踪
10月1日至31号:26:08.348:W / System.err的(3158):java.io.IOException异常:主机名<网址>未验证
10月1号至三十一号:26:08.348:W / System.err的(3158):在libcore.net.http.HttpConnection.verifySecureSocketHostname(HttpConnection.java:223)
10月1号至三十一号:26:08.348:W / System.err的(3158):在libcore.net.http.HttpsURLConnectionImpl $ HttpsEngine.connect(HttpsURLConnectionImpl.java:446)
10月1号至三十一号:26:08.348:W / System.err的(3158):在libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:289)
10月1号至三十一号:26:08.348:W / System.err的(3158):在libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:239)
10月1号至三十一号:26:08.348:W / System.err的(3158):在libcore.net.http.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:273)
10月1号至三十一号:26:08.348:W / System.err的(3158):在libcore.net.http.HttpURLConnectionImpl.getHeaderField(HttpURLConnectionImpl.java:130)
10月1号至三十一号:26:08.348:W / System.err的(3158):在java.net.URLConnection.getHeaderFieldInt(URLConnection.java:544)
10月1号至三十一号:26:08.348:W / System.err的(3158):在java.net.URLConnection.getContentLength(URLConnection.java:316)
10月1号至三十一号:26:08.348:W / System.err的(3158):在libcore.net.http.HttpsURLConnectionImpl.getContentLength(HttpsURLConnectionImpl.java:191)
10月1号至三十一号:26:08.348:W / System.err的(3158):在com.ih.util.HelpVideoServices $ downloadTask.run(HelpVideoServices.java:172)
在你使用证书运行的情况下,这并不意味着什么,你想绕过他们,你还需要添加一个空的主机名验证,使这个code工件
HttpsURLConnection.setDefaultHostnameVerifier(新NullHostNameVerifier());
的SSL连接上下文= SSLContext.getInstance(TLS);
context.init(NULL,新X509TrustManager [] {新NullX509TrustManager()},新的SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
而code主机:
进口javax.net.ssl.HostnameVerifier;
进口javax.net.ssl.SSLSession中;
公共类NullHostNameVerifier实现的HostnameVerifier {
@覆盖
公共布尔验证(字符串主机名,的SSLSession会话){
Log.i(RestUtilImpl+主机的批准证书);
返回true;
}
}
这需要运行一次,但如果你正在改变您的连接对象,你可能需要再次运行它。
I am trying to connect to a URL from a my Android app in Andorid Version 4.1.1, and I get the error indicated in the Title of my question, but when I tried to connect the same URL from Andorid Version 4.0.4 or 3.1, all works fine.
The Code fragment :
try {
.
.
.
URL url = new URL(urlStr);
Log.i(TAG,"[ URL ] " + urlStr);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
int size = conn.getContentLength();
int responsecode = conn.getResponseCode();
Log.d(TAG, "Responsecode: " + responsecode);
.
.
.
} catch (Exception e) {
e.printStackTrace();
}
private static void trustAllHosts() {
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[] {};
}
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
} };
try {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection
.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
System.out.println("IOException : HTTPSRequest::trustAllHosts");
e.printStackTrace();
}
}
But here i clear one thing is that "Maybe certificate is that self-signed certificates and is not including them in a KeyStore.
I do not understand why this excepton occure only in Android Verison 4.1.1 OS Thanks.
FULL STACK TRACE
01-31 10:26:08.348: W/System.err(3158): java.io.IOException: Hostname <URL> was not verified
01-31 10:26:08.348: W/System.err(3158): at libcore.net.http.HttpConnection.verifySecureSocketHostname(HttpConnection.java:223)
01-31 10:26:08.348: W/System.err(3158): at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:446)
01-31 10:26:08.348: W/System.err(3158): at libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:289)
01-31 10:26:08.348: W/System.err(3158): at libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:239)
01-31 10:26:08.348: W/System.err(3158): at libcore.net.http.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:273)
01-31 10:26:08.348: W/System.err(3158): at libcore.net.http.HttpURLConnectionImpl.getHeaderField(HttpURLConnectionImpl.java:130)
01-31 10:26:08.348: W/System.err(3158): at java.net.URLConnection.getHeaderFieldInt(URLConnection.java:544)
01-31 10:26:08.348: W/System.err(3158): at java.net.URLConnection.getContentLength(URLConnection.java:316)
01-31 10:26:08.348: W/System.err(3158): at libcore.net.http.HttpsURLConnectionImpl.getContentLength(HttpsURLConnectionImpl.java:191)
01-31 10:26:08.348: W/System.err(3158): at com.ih.util.HelpVideoServices$downloadTask.run(HelpVideoServices.java:172)
In case you are running with certificates that doesn't mean anything and you want to bypass them you also need to add a null host name verifier to make this code work
HttpsURLConnection.setDefaultHostnameVerifier(new NullHostNameVerifier());
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, new X509TrustManager[]{new NullX509TrustManager()}, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
And the code for the host:
import javax.net.ssl.HostnameVerifier ;
import javax.net.ssl.SSLSession;
public class NullHostNameVerifier implements HostnameVerifier {
@Override
public boolean verify(String hostname, SSLSession session) {
Log.i("RestUtilImpl", "Approving certificate for " + hostname);
return true;
}
}
This needs to run once, but if you are making changes to your connection object you might need to run it again.
这篇关于java.io.IOException异常:主机名未验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!