使用ksoap2-android的不信任的证书 [英] Not trusted certificate using ksoap2-android
问题描述
我使用ksoap2,机器人,使通过SSL调用WCF服务。我可以得到它不使用SSL的工作,但现在我想拨打电话通过SSL,但我已经在一些问题上运行。
我使用的HttpsTransportSE代替HttpTransportSE,但我得到的错误: javax.net.ssl.SSLException:不受信任的服务器证书
我该如何解决这个问题?
我可以将服务器证书添加到密钥存储在Android中,以解决这个问题?
私有静态最后弦乐SOAP_ACTION =http://example.com/Service/GetInformation;
私有静态最后弦乐METHOD_NAME =GetInformation;
私有静态最后弦乐NAMESPACE =http://example.com;
私有静态最后字符串的URL =dev.example.com/Service.svc;
公共静态结果GetInformation()
{
SoapObject请求=新SoapObject(命名空间METHOD_NAME);
的PropertyInfo属性=新的PropertyInfo();
property.name =要求;
请求请求=
新的请求(12,13,奔);
userInformationProperty.setValue(要求);
userInformationProperty.setType(request.getClass());
request.addProperty(属性);
SoapSerializationEnvelope包=新SoapSerializationEnvelope(SoapEnvelope.VER11);
envelope.dotNet = TRUE;
envelope.setOutputSoapObject(要求);
envelope.addMapping(命名空间中,请求,新申请()的getClass());
HttpsTransportSE运输=新HttpsTransportSE(URL,443,,1000);
// HttpTransportSE androidHttpTransport =新HttpTransportSE(URL);
transport.debug = TRUE;
尝试
{
transport.call(SOAP_ACTION,包);
返回Result.FromSoa presponse((SoapObject)envelope.getResponse());
}
赶上(IOException异常E)
{
e.printStackTrace();
}
赶上(XmlPullParserException E)
{
e.printStackTrace();
}
返回null;
}
嗯,还有一个更简单的方法做,而不是修改HttpsServiceConnectionSE这一点。您可以在<一个描述安装一个假的信任管理器href="http://groups.google.com/group/android-developers/browse_thread/thread/1ac2b851e07269ba/c7275f3b28ad8bbc?lnk=gst&q=certificate" rel="nofollow">http://groups.google.com/group/android-developers/browse_thread/thread/1ac2b851e07269ba/c7275f3b28ad8bbc?lnk=gst&q=certificate然后调用allowAllSSL()你做任何的SSL通信之前/来电ksoap2。它会注册一个新的默认的HostnameVerifier和的TrustManager。 ksoap2,做它的SSL通信时,将使用默认的,它就像一个魅力。
您也可以多放一些精力投入到这一点,使(多)更安全,在应用程序的本地信任管理器安装证书,我猜。我是在一个安全的网络,并不怕人在最中间的攻击,所以我只是做了第一次。
我觉得有必要使用KeepAliveHttpsTransportSE这样的新KeepAliveHttpsTransportSE(主机,端口,文件,超时);
。参数进入一个URL对象,所以例如访问吉拉安装它的东西,像新KeepAliveHttpsTransportSE(host.whatever,443,/ RPC / SOAP / jirasoapservice-V2,1000)
。
有时它方便,如果你是新的技术,或者你喜欢用玩弄它在J2SE环境,而不是在模拟器中,甚至在设备的Web服务,但在J2SE / ME ksoap2库(持续)HttpsTransportSE东西丢失(我用ksoap2-J2SE的全2.1.2.jar)。你可以做的是让来源为三类HttpsTransportSE,KeepAliveHttpsTransportSE和HttpsServiceConnectionSE从Android分拆ksoap2,Android和把它们放到你的J2SE项目,并使用它们。它的工作对我来说,它成为了生产率的提高来获得的第一个步骤,一个未知的和相当复杂的Web服务的权利。
I'm using ksoap2-android to make a call to wcf service over SSL. I can get it to work without SSL, but now I want to make the call over SSL, but I've run in to some problems.
I'm using the HttpsTransportSE instead of HttpTransportSE, but I'm getting the error: javax.net.ssl.SSLException: Not trusted server certificate
How can I fix this?
Can I add the server certificate to the Keystore in Android to solve the problem?
private static final String SOAP_ACTION = "http://example.com/Service/GetInformation";
private static final String METHOD_NAME = "GetInformation";
private static final String NAMESPACE = "http://example.com";
private static final String URL = "dev.example.com/Service.svc";
public static Result GetInformation()
{
SoapObject request = new SoapObject(NAMESPACE, METHOD_NAME);
PropertyInfo property = new PropertyInfo();
property.name = "request";
Request request =
new Request("12", "13", "Ben");
userInformationProperty.setValue(request);
userInformationProperty.setType(request.getClass());
request.addProperty(property);
SoapSerializationEnvelope envelope = new SoapSerializationEnvelope(SoapEnvelope.VER11);
envelope.dotNet = true;
envelope.setOutputSoapObject(request);
envelope.addMapping(NAMESPACE, "Request",new Request().getClass());
HttpsTransportSE transport = new HttpsTransportSE(URL, 443, "", 1000);
//HttpTransportSE androidHttpTransport = new HttpTransportSE(URL);
transport.debug = true;
try
{
transport.call(SOAP_ACTION, envelope);
return Result.FromSoapResponse((SoapObject)envelope.getResponse());
}
catch (IOException e)
{
e.printStackTrace();
}
catch (XmlPullParserException e)
{
e.printStackTrace();
}
return null;
}
Well, there is an easier way to do this instead of modifying HttpsServiceConnectionSE. You can install a fake trust manager as described in http://groups.google.com/group/android-developers/browse_thread/thread/1ac2b851e07269ba/c7275f3b28ad8bbc?lnk=gst&q=certificate and then call allowAllSSL() before you do any SSL communication/call to ksoap2. It will register a new default HostnameVerifier and TrustManager. ksoap2, when doing its SSL communication, will use the default ones and it works like a charm.
You can also put some more effort into this, make it (much) safer, and install certificates in an application local trust manager, I guess. I was in a safe network and not afraid of man-in-the-middle-attacks so I just did the first.
I found it necessary to use KeepAliveHttpsTransportSE like this new KeepAliveHttpsTransportSE(host, port, file, timeout);
. The parameters go into a URL object, so e.g. to access a Jira installation it's something like new KeepAliveHttpsTransportSE("host.whatever", 443, "/rpc/soap/jirasoapservice-v2", 1000)
.
Sometimes its handy if you are new to the technology or the web service you like to use to play around with it in a J2SE environment instead of in the emulator or even on the device, but in the J2SE/ME ksoap2 library the (KeepAlive)HttpsTransportSE stuff is missing (I used ksoap2-j2se-full-2.1.2.jar). What you could do is to get the sources for the three classes HttpsTransportSE, KeepAliveHttpsTransportSE, and HttpsServiceConnectionSE from the Android spin-off ksoap2-android and put them into your J2SE project and use them. It worked for me and it became a productivity improvement to get the first steps right with an unknown and quite complex web service.
这篇关于使用ksoap2-android的不信任的证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!