我是初级 android 开发人员并创建了应用程序,一切正常,但是当我们向站点添加 SSL 保护时,问题开始出现。我将 key.pem 添加到 Assets 文件夹并尝试使用这个 example 但没有成功。请帮忙,我该如何解决这个问题?
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_gogo);
OkHttpClient client = new OkHttpClient();
SSLContext sslContext = SslUtils.getSslContextForCertificateFile("cert.pem");
client.setSslSocketFactory(sslContext.getSocketFactory());
HttpUrl.Builder urlBuilder = HttpUrl.parse("https://mysite/API/login.php").newBuilder();
urlBuilder.addQueryParameter("username", "xxxxxx");
urlBuilder.addQueryParameter("appkey", "xxxxxxx");
String url = urlBuilder.build().toString();
Request request = new Request.Builder()
.url(String.valueOf(urlBuilder))
.build();
client.newCall(request).enqueue(new Callback() {
@Override
public void onFailure(Request request, IOException e) {
e.printStackTrace();
}
@Override
public void onResponse(Response response) throws IOException {
if (!response.isSuccessful()){
throw new IOException("Unexpected code"+ response);
}
}
});
}
这是我的堆栈
W/System.err:javax.net.ssl.SSLHandshakeException:java.security.cert.CertPathValidatorException:找不到证书路径的信任 anchor 。
W/System.err:在 com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:333)
W/System.err:在 com.squareup.okhttp.Connection.connectTls(Connection.java:235)
W/System.err:在 com.squareup.okhttp.Connection.connectSocket(Connection.java:199)
W/System.err:在 com.squareup.okhttp.Connection.connect(Connection.java:172)
W/System.err:在 com.squareup.okhttp.Connection.connectAndSetOwner(Connection.java:367)
W/System.err: 在 com.squareup.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:128)
W/System.err:在 com.squareup.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:328)
W/System.err:在 com.squareup.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:245)
W/System.err:在 com.squareup.okhttp.Call.getResponse(Call.java:267)
W/System.err: 在 com.squareup.okhttp.Call$ApplicationInterceptorChain.proceed(Call.java:224)
W/System.err: 在 com.squareup.okhttp.Call.getResponseWithInterceptorChain(Call.java:195)
W/System.err:在 com.squareup.okhttp.Call.access$100(Call.java:34)
W/System.err: 在 com.squareup.okhttp.Call$AsyncCall.execute(Call.java:162)
W/System.err:在 com.squareup.okhttp.internal.NamedRunnable.run(NamedRunnable.java:33)
W/System.err:在 java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113)
W/System.err:在 java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588)
W/System.err: 在 java.lang.Thread.run(Thread.java:818)
W/System.err:引起:java.security.cert.CertificateException:java.security.cert.CertPathValidatorException:找不到证书路径的信任 anchor 。
W/System.err:在 com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:324)
W/System.err:在 com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:225)
W/System.err:在 com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:115)
W/System.err:在 com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:571)
W/System.err:在 com.android.org.conscrypt.NativeCrypto.SSL_do_handshake( native 方法)
W/System.err:在 com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:329)
W/System.err: ... 16 更多
W/System.err:原因:java.security.cert.CertPathValidatorException:找不到证书路径的信任 anchor 。
最佳答案
勾选此方法获取httpClient:
public static OkHttpClient getHttpClientForFile() {
ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
.tlsVersions(TlsVersion.TLS_1_0)
.cipherSuites(
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA)
.build();
return new OkHttpClient.Builder()
.connectTimeout(2, TimeUnit.MINUTES)
.writeTimeout(2, TimeUnit.MINUTES)
.readTimeout(3, TimeUnit.MINUTES)
.connectionSpecs(Collections.singletonList(spec))
.protocols(Arrays.asList(Protocol.HTTP_1_1))
.build();
}
更多请访问here
关于android - 从 Android 应用程序连接到受 SSL 保护的服务器,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/44794040/