java服务器和android客户端之间的SSL连接失败 [英] SSL connection failure between java server and android client

问题描述

我正在尝试在java主机和Android客户端之间设置相互身份验证SSL连接。不知道为什么它没有连接。以下是Android客户端应用程序和Java服务器的代码。

I am trying to setup mutual authentication SSL connection between java host and android client. Don't know why its not getting connected. Below are the code of Android client app and Java server.

客户端代码：

private SSLContext createSSLContext(final Context cont){
    SSLContext ssl_cont = null;
    try {
        Log.d(TAG, "TrustStore - Initializing");   
        KeyStore trustStore = KeyStore.getInstance("BKS");
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        InputStream trustStoreStream = cont.getResources().openRawResource(R.raw.myclienttruststore);
        trustStore.load(trustStoreStream, "client".toCharArray());
        trustManagerFactory.init(trustStore);
        Log.d(TAG, "TrustStore - Initialized");

        // Setup keystore
        Log.d(TAG, "KeyStore - Initializing");
        KeyStore keyStore = KeyStore.getInstance("BKS");
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        InputStream keyStoreStream = cont.getResources().openRawResource(R.raw.myclient);
        keyStore.load(keyStoreStream, "client".toCharArray());
        keyManagerFactory.init(keyStore, "client".toCharArray());
        Log.d(TAG, "KeyStore - Initialized");

        ssl_cont = SSLContext.getInstance("TLS");
        ssl_cont.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null); 
    } catch (Exception e) {
        // TODO Auto-generated catch block
        alertbox("SSLClient", "ERROR: " + e.getMessage());
        Log.d(TAG, "ERROR: " + e.getMessage());
    }
    return ssl_cont;
}

OnClickListener onConnClick = new OnClickListener() {

    public void onClick(View arg0) {
        // TODO Auto-generated method stub
        try {
            // Setup the SSL context to use the truststore and keystore
            Log.d(TAG, "Started..");
            SSLContext ssl_context = createSSLContext(cont);
            Log.d(TAG,"here 1...");
            SSLSocketFactory socketFactory = (SSLSocketFactory) ssl_context.getSocketFactory();
            Log.d(TAG,"here 2...");
            socket = (SSLSocket) socketFactory.createSocket(ipadd.getText().toString().trim(), Integer.parseInt(port.getText().toString().trim()));
            Log.d(TAG,"here 3...");
            dataOut = new DataOutputStream(socket.getOutputStream());
            dataIn = new DataInputStream(socket.getInputStream());
            dataOut.writeUTF("Hello !!");
            msgin.setText("Connected");
            Log.d(TAG, "Completed..");
        } catch (Exception e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
            msgin.setText("Not connected");
            alertbox("Main", "ERROR: " + e.getMessage());
            Log.d(TAG, "ERROR: " + e.getMessage());
        }
    }
};

服务器代码：

    try {
        mySSLServerFac = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
        mySSLServerSocket = (SSLServerSocket) mySSLServerFac.createServerSocket(9999);
        System.out.println("Listening on 9999\n");
        mySSLSocket = (SSLSocket) mySSLServerSocket.accept();           
        DataInputStream input = new DataInputStream(mySSLSocket.getInputStream());
        DataOutputStream output = new DataOutputStream(mySSLSocket.getOutputStream());      
        do{
            System.out.println("Remote IP Address : " + mySSLSocket.getInetAddress());
            msg = input.readUTF().toString();
            System.out.println(msg);
            java.util.Scanner sc = new java.util.Scanner(System.in);
            output.writeUTF(sc.nextLine());
        }while(msg != "exit");
        System.out.println(msg);                
    } catch (Exception e) {
        e.printStackTrace();
    }

我在服务器上遇到No cipher suites in common错误。由于我无法进行SSL连接设置。如果您发现错误或主要问题，请帮助我。

I am stuck with "No cipher suites in common" error at server. Since i am nowhere in SSL connection setup. Let me help if you find out the bug or major problem.

这是链接我跟随创建证书和信任库。我创建的Truststore和kestore是这里

Here is the link i followed to create certificate and truststore. Truststore and kestore i have created are here

我使用的是Android 2.2和BKSProvider 1.46，请告诉我哪里出错了。我必须尽快完成这个项目。

I am using Android 2.2 and BKSProvider 1.46, please let know where i am going wrong. I have to wind up this project as soon as possible.

提前致谢。

推荐答案

它已经解决了！问题出在java主机的信任库，跟着这个帖子。

It's solved ! Problem was with the truststore of java host, followed this post.

需要为客户端/服务器指定trustStore，因为它们使用默认的trustStore，导致失败。在服务器上使用-Djavax.net.ssl.trustStore = servertruststore.jks -Djavax.net.ssl.trustStorePassword = server并创建自己的密钥库&客户端的信任库允许会话完成。这是-Djavax.net.debug = ssl，握手帮了很多。

The trustStore needs to be specified for client/server as they are using the default trustStore, causing failure. Using -Djavax.net.ssl.trustStore=servertruststore.jks -Djavax.net.ssl.trustStorePassword=server on the server and creating own keystore & truststore at client allows the session to complete. It was the -Djavax.net.debug=ssl,handshake which helped lot.

整个命令是：java -Djavax.net.ssl.keyStore = server.jks -Djavax.net.ssl.keyStorePassword = server -Djavax.net.ssl.trustStore = servertruststore.jks -Djavax.net.ssl.trustStorePassword = server SSLServer

The entire command is : java -Djavax.net.ssl.keyStore=server.jks -Djavax.net.ssl.keyStorePassword=server -Djavax.net.ssl.trustStore=servertruststore.jks -Djavax.net.ssl.trustStorePassword=server SSLServer

现在我我正在创建sslsession和多线程编程。

Now i am on to creating sslsession and multi-threaded programming.

这篇关于java服务器和android客户端之间的SSL连接失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！