Java 接受自签名SSL证书
我使用以下方法在Android中发布HTTP帖子:Java 接受自签名SSL证书,java,android,http,ssl,Java,Android,Http,Ssl,我使用以下方法在Android中发布HTTP帖子: public static Strign post(String url, List<BasicNameValuePair> postParams, HttpClient client) throws ClientProtocolException, IOException { if (client == null) { client = getClient(); } Http
public static Strign post(String url, List<BasicNameValuePair> postParams,
HttpClient client) throws ClientProtocolException, IOException {
if (client == null) {
client = getClient();
}
HttpPost httppost = new HttpPost(url);
if ((postParams == null)) {
postParams = new ArrayList<BasicNameValuePair>();
}
httppost.setEntity(new UrlEncodedFormEntity(postParams, "UTF-8"));
// Execute HTTP Post Request
HttpResponse response = client.execute(httppost);
return requestToString(response);
}
如何解决此问题并接受自签名证书
感谢自签名证书无法达到SSL的目的。不要那样做。如果你不想使用CA,请在你的应用程序中嵌入公钥并进行验证(并确保允许密钥旋转和撤销)。谢谢,但我不需要它来验证主机,只想对传输的数据进行编码。如果你不验证主机,你就无法抵御MITM攻击。我知道,用于需要在第一个版本中编码的数据但主机验证可以等待的beta proyect:)。谢谢你的评论。安全很难。阅读
Catch exception while startHandshake: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
return an invalid session with invalid cipher suite of SSL_NULL_WITH_NULL_NULL
javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
at org.apache.harmony.xnet.provider.jsse.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:137)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:93)
at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:381)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:165)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:367)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:748)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:519)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:497)