Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/400.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java 通过MQTT和ssl连接android设备_Java_Android_Ssl_Mqtt_Paho - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java 通过MQTT和ssl连接android设备

Java 通过MQTT和ssl连接android设备

java android ssl mqtt

Java 通过MQTT和ssl连接android设备,java,android,ssl,mqtt,paho,Java,Android,Ssl,Mqtt,Paho,我已经用java创建了一个MQTT代理和一个客户机。它也可以使用SSL完美地工作。 由于代理服务器和客户机都是使用paho libs用java编写的,所以启用SSL很容易。我们只需将url中的协议从tcp切换到ssl IE:ssl://.messaging.internetofthings.ibmcloud.com:8883 在te src代码中设置一些道具: java.util.Properties sslClientProps = new java.util.Properties(); ss

我已经用java创建了一个MQTT代理和一个客户机。它也可以使用SSL完美地工作。 由于代理服务器和客户机都是使用paho libs用java编写的,所以启用SSL很容易。我们只需将url中的协议从tcp切换到ssl IE:ssl://.messaging.internetofthings.ibmcloud.com:8883 在te src代码中设置一些道具:

java.util.Properties sslClientProps = new java.util.Properties();
sslClientProps.setProperty("com.ibm.ssl.protocol", "TLSv1.2");
options.setSSLProperties(sslClientProps);
关于SSLContext

SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(null, null, null);
然后创建一个安全的加密连接(使用WireShark嗅探数据包)

使用特定的CA可信证书也可以很好地工作(messaging.pem文件)

我需要使用Android客户端和定制MQTT Java服务器代理(不使用SSL,MQTT发布和订阅也可以在Android上正常工作)

问题似乎与从Android创建SSLSocketFactory有关

我做了以下测试:

1) 设置SSL道具(正如我在上面报告的java客户机的src中所做的那样)

2) 在Android客户端上传递CA可信证书(正如我在上面报告的java客户端的src中所做的那样)

3) 根据此处的报告,以BouncyCastle格式(与Android兼容)从受信任的CA生成密钥存储,并在Android客户端上传递密钥存储:

CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream keyStoreFile = getAssets().open("raw_key_file");
//keystore trusted
KeyStore keystoreTrust = KeyStore.getInstance("BKS");//Bouncy Castle format for Android
keystoreTrust.load(keyStoreFile, "mykeystorepassword".toCharArray());
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keystoreTrust);
SLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
options.setSocketFactory(sslContext.getSocketFactory());
4) 使用本地信任存储(CA)和客户端证书:

// use local trust store (CA)
TrustManagerFactory tmf;
CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream srvIn = getAssets().open("messaging.pem");
Certificate ca = cf.generateCertificate(srvIn);
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
keyStore.setCertificateEntry("ca", ca);
tmf = TrustManagerFactory.getInstance("X509");
tmf.init(keyStore);
// load client certificate
KeyStore clientKeyStore = null;
InputStream clIn = getAssets().open("raw_key_file");
clientKeyStore = KeyStore.getInstance("BKS");
clientKeyStore.load(clIn, "mykeystorepassword".toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance("X509");
kmf.init(clientKeyStore, "mykeystorepassword".toCharArray());
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
options.setSocketFactory(sslContext.getSocketFactory());
不幸的是,在所有的测试中,我仍然得到了这个错误:MqttException(0)-javax.net.ssl.SSLException:Connection closed by peer

MqttException (0) - javax.net.ssl.SSLException: Connection closed by peer
at org.eclipse.paho.client.mqttv3.internal.ExceptionHelper.createMqttException(ExceptionHelper.java:38)
org.eclipse.paho.client.mqttv3.internal.ClientComms$ConnectBG.run(ClientComms.java:604)
at java.lang.Thread.run(Thread.java:841)
Caused by: javax.net.ssl.SSLException: Connection closed by peer
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:405)
at org.eclipse.paho.client.mqttv3.internal.SSLNetworkModule.start(SSLNetworkModule.java:89)
at org.eclipse.paho.client.mqttv3.internal.ClientComms$ConnectBG.run(ClientComms.java:590)
也许我仍然对证书过程感到困惑。如何从头开始创建并在服务器端和客户端使用(以与Android兼容的BouncyCastle格式创建密钥库)? 或者我在Android中使用SSLSocketFactory类时出错了

谢谢,任何建议都会得到认可。

我也想得到答案。 
MqttException (0) - javax.net.ssl.SSLException: Connection closed by peer
at org.eclipse.paho.client.mqttv3.internal.ExceptionHelper.createMqttException(ExceptionHelper.java:38)
org.eclipse.paho.client.mqttv3.internal.ClientComms$ConnectBG.run(ClientComms.java:604)
at java.lang.Thread.run(Thread.java:841)
Caused by: javax.net.ssl.SSLException: Connection closed by peer
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:405)
at org.eclipse.paho.client.mqttv3.internal.SSLNetworkModule.start(SSLNetworkModule.java:89)
at org.eclipse.paho.client.mqttv3.internal.ClientComms$ConnectBG.run(ClientComms.java:590)