SSLHandshakeException unknown_ca apns java [英] SSLHandshakeException unknown_ca apns java
问题描述
我正在尝试为iPhone实现一个独立的应用程序;我希望为iphone客户端使用Apple Push通知。
我收到javax.net.ssl.SSLHandshakeException:收到致命警报:unknown_ca
以下是我连接到apns网关的Java代码:
I am trying to implement a standalone application for iphone; for which I wish to use Apple Push notification for iphone clients. I am getting javax.net.ssl.SSLHandshakeException: Received fatal alert: unknown_ca Following is my Java code to connect to apns gateway:
int port = 2195;
String hostname = "gateway.sandbox.push.apple.com";
char[] passwKey = "password".toCharArray();
KeyStore ts = KeyStore.getInstance("PKCS12");
ts.load(new FileInputStream("/path/to/file/Cert.p12"), passwKey);
KeyManagerFactory tmf = KeyManagerFactory.getInstance("SunX509");
tmf.init(ts, passwKey);
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(tmf.getKeyManagers(), null, null);
SSLSocketFactory factory = sslContext.getSocketFactory();
SSLSocket socket = (SSLSocket) factory.createSocket(hostname,port);
String[] suites = socket.getSupportedCipherSuites();
socket.setEnabledCipherSuites(suites);
//start handshake
socket.startHandshake();
请帮助我了解可以在我的Linux机器上安装ssl证书的内容和方式。
Please help me understand what and how the ssl certificate can be installed on my Linux machine.
编辑:
现在它对我有用,我重新创建了Cert.p12,程序开始工作。我不知道什么是不工作的确切原因,但我猜它会损坏Cert.p12文件。
It worked for me now, I recreated Cert.p12, and the program started working. I don't know what was the exact cause for not working, but I guess it would be corrupt Cert.p12 file.
谢谢大家的帮助。
推荐答案
unknown_ca:
unknown_ca:
收到有效证书链或部分链,但未接受证书,因为无法找到CA证书或无法与已知的可信CA匹配。此消息始终是致命的。
Received a valid certificate chain or partial chain, but the certificate was not accepted because the CA certificate could not be located or could not be matched with a known, trusted CA. This message is always fatal.
您可能需要将证书添加到jre的cacerts文件(通常位于lib / security下)。查看 keytool 及其文档-import选项以获取更多信息。
You may need to add the certificate to your jre's cacerts file (generally located under lib/security). Look into the documentation for keytool and its -import option for more information.
你可以通过进一步研究cacerts文件和keytool找到一个如何做到这一点的例子。
You can probably find an example of how to do this by researching the cacerts file and keytool further.
这篇关于SSLHandshakeException unknown_ca apns java的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
