Java 尝试使用Android上改装2的自签名证书连接到我的服务器时出现SSLHandshakeException
我正在尝试使用自签名证书连接到API服务器。证书已成功安装在服务器上。我已经通过Java 尝试使用Android上改装2的自签名证书连接到我的服务器时出现SSLHandshakeException,java,android,https,retrofit2,okhttp,Java,Android,Https,Retrofit2,Okhttp,我正在尝试使用自签名证书连接到API服务器。证书已成功安装在服务器上。我已经通过OpenSSL和Firefox对其进行了测试。 我按照配置OkHttp。但它不起作用。当我尝试执行我的请求时,我会收到javax.net.ssl.SSLHandshakeException和java.security.cert.CertPathValidatorException:Trust anchor for certification path not found消息 这是我的密码: public HttpCl
OpenSSL
和Firefox
对其进行了测试。
我按照配置OkHttp
。但它不起作用。当我尝试执行我的请求时,我会收到javax.net.ssl.SSLHandshakeException
和java.security.cert.CertPathValidatorException:Trust anchor for certification path not found
消息
这是我的密码:
public HttpClient() {
/* ... */
SSLContext sslContext = null;
try {
sslContext = SSLContext.getInstance("TLSv1.2");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
KeyStore keyStore = readKeyStore();
TrustManagerFactory trustManagerFactory = null;
try {
trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, "password".toCharArray());
sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
}
catch (final Exception e) {
Log.e(TAG, e.toString());
}
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
X509TrustManager trustManager = (X509TrustManager) trustManagers[0];
OkHttpClient client = new OkHttpClient.Builder()
.sslSocketFactory(sslContext.getSocketFactory(), trustManager)
.build();
mRetrofit = new Retrofit.Builder()
.client(client)
.baseUrl(mBaseUrl)
.addConverterFactory(GsonConverterFactory.create())
.build();
}
private KeyStore readKeyStore() {
KeyStore ks = null;
try {
ks = KeyStore.getInstance("BKS");
}
catch (final Exception e) {
Log.e(TAG, e.toString());
}
char[] password = "password".toCharArray();
final Context context = App.app;
InputStream is = context.getResources().openRawResource(R.raw.key_sorage);
try {
ks.load(is, password);
}
catch (final Exception e) {
Log.e(TAG, e.toString());
}
finally {
if (is != null) {
try {
is.close();
}
catch (final Exception e2) {
Log.e(TAG, e2.toString());
}
}
}
return ks;
}
改型
版本为2.3.0。您是否已致电get-AcceptedAssuers查看您的证书是否在信任存储中?您是指trustManager.GetAcceptedAssuers()方法吗?它返回一个X509CertificateObject对象,它看起来像我的证书。