个人中心
gpt4 book ai didi

Android 自签名客户端 CA 证书认证失败

转载 作者:太空宇宙 更新时间:2023-11-03 14:32:14 26 4
gpt4 key购买 nike

Android 自签名客户端 CA 证书认证失败,谁能分享他们处理类似问题的经验?使用相同的凭据,我们可以使用 CURL 客户端让它工作。

我们关注了this GIST但是我们无法通过它。

紧随其后,我们抛出了这个异常:

javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
        at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:374)

最佳答案

试试下面的代码

// Input stream for self signed CA certificate
InputStream caIs = getInputStream(caCert);
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
X509Certificate certificate = (X509Certificate) certificateFactory.generateCertificate(caIs);
String alias = certificate.getSubjectX500Principal().getName();
Log.d(TAG, String.format("Alias: %s", alias));

// KeyStore for trusted CA certificate(s)
KeyStore trustedStore = KeyStore.getInstance(KeyStore.getDefaultType());
trustedStore.load(null);
trustedStore.setCertificateEntry(alias, certificate);

// Create trust managers to be used for connecting to servics(s)
TrustManagerFactory tmf =  TrustManagerFactory.getInstance("X509");
tmf.init(trustedStore);
TrustManager[] trustManagers = tmf.getTrustManagers();

// KeyStore for X.509 certificate/key
KeyStore keyStore = KeyStore.getInstance("PKCS12");
InputStream clientIs = getInputStream(clientKeyCert);
keyStore.load(clientIs, "password".toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance("X509");
kmf.init(keyStore, "password".toCharArray());

// Create key managers to be uses for connecting to service(s)
KeyManager[] keyManagers = kmf.getKeyManagers();

// Create the SSL context
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyManagers, trustManagers, null);

// Test by connecting ta server proteced by self signed certificate
OkHttpClient client = new OkHttpClient.Builder().sslSocketFactory(sslContext.getSocketFactory()).build();
Call call = client.newCall(new Request.Builder().url("https://testurl.com").build());
Response response = call.execute();
Log.d(TAG, response.message());

关于Android 自签名客户端 CA 证书认证失败,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/51655275/

26 4 0
文章推荐: python - 如何在我的服务器上启用 SSL?
文章推荐: c# - 如何在windows窗体中开发类似 "outlook 2007 send/receive progress"对话框的窗体?
文章推荐: c# - 数据库迁移代码生成器
文章推荐: ssl - 为什么 POODLE Attack 只在降级到 SSL 3.0 后才生效?
太空宇宙
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com