个人中心
gpt4 book ai didi

android - 我从 HTTPConnection 调用获取证书并保存在信任管理器中,但 webView 需要 SSL 而不是 X509 证书,是否可以转换?

转载 作者:太空宇宙 更新时间:2023-11-03 14:41:58 25 4
gpt4 key购买 nike

我有一个 HTTPConnection 调用,我在上面执行此操作:

 if(conn != null && conn.getServerCertificates() != null) {
        Utils.appendLog("Entered Logic to add certificates",false);
        Certificate ca = conn.getServerCertificates()[0];
        Log.i("","adding certificate is: " + ca.getPublicKey().toString());
        String keyStoreType = KeyStore.getDefaultType();
        KeyStore keyStore = KeyStore.getInstance(keyStoreType);
        InputStream readStream = new FileInputStream(c.getFilesDir() + "/VidyoRemote/keystore.jks");
        String pass = "Ready4Launch!";
        try{
            keyStore.load(readStream, pass.toCharArray());
        }catch (Exception e){
            Log.e("","error trying to load:" + e.getMessage());
            keyStore.load(null, pass.toCharArray());
        }
        keyStore.setCertificateEntry("ca", ca);
        FileOutputStream fos = new FileOutputStream(c.getFilesDir() + "/VidyoRemote/keystore.jks");
        keyStore.store(fos, pass.toCharArray());
        fos.close();
        String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
        tmf.init(keyStore);
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, tmf.getTrustManagers(), null);
        HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
    }

在里面保存x509证书。但后来我需要使用 webview 连接到该 IP。我收到 SSL 证书的 SSL 错误。我如何检查这个SSL证书到我保存的X509?我的 OnReceivedSslError:

    @Override
    public void onReceivedSslError(WebView view, SslErrorHandler handler,
                                   SslError error) {
        Log.i("","ssl certificate is: " + error.getCertificate());
        Log.i("","ssl certificate is: " + error.getCertificate().getIssuedBy().toString());
        Log.i("","ssl certificate is: " + error.getCertificate().getIssuedTo().toString());
        Log.i("","ssl certificate is: " + error.getCertificate().getValidNotAfterDate().toString());
        c = new ContextWrapper(context);
        Utils.appendLog("received SSL error on webview: "+ + error.getPrimaryError() + " on certificate: " + error.getCertificate(), false);
        try{
            String keyStoreType = KeyStore.getDefaultType();
            KeyStore keyStore = KeyStore.getInstance(keyStoreType);
            InputStream readStream = new FileInputStream(c.getFilesDir() + "/VidyoRemote/keystore.jks");
            String pass = "Ready4Launch!";
            try{
                keyStore.load(readStream, pass.toCharArray());
            }catch (Exception e){
                Log.e("","error trying to load check:" + e.getMessage());
                keyStore.load(null, pass.toCharArray());
            }
            String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
            TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
            tmf.init(keyStore);
            for (TrustManager trustManager : tmf.getTrustManagers()){
                X509TrustManager x509TrustManager = (X509TrustManager) trustManager;
                for (X509Certificate certificate : x509TrustManager.getAcceptedIssuers()){
                    Log.i("","certificate is: " + certificate.toString());
                    Log.i("","certificate is: " + certificate.getSerialNumber());
                    Log.i("","certificate is: " + certificate.getSignature());
                    Log.i("","certificate is: " + certificate.getVersion());
                    Log.i("","certificate is: " + certificate.getPublicKey());
                }
            }
        }catch (Exception e){
            Log.e("","Error is: " + e.getMessage());
        }
//        handler.proceed();
    }

最佳答案

它是这样工作的:

  for (TrustManager trustManager : tmf.getTrustManagers()){
            X509TrustManager x509TrustManager = (X509TrustManager) trustManager;
            for (X509Certificate certificate : x509TrustManager.getAcceptedIssuers()){
                Log.i("","certificate is: " + certificate.getIssuerX500Principal().getName());
                if(error.getCertificate().toString().contains(certificate.getIssuerX500Principal().getName())){
                    handler.proceed();
                }
            }
        }

certificate.getIssuerX500Principal().getName() 包含在 SSL 证书中

关于android - 我从 HTTPConnection 调用获取证书并保存在信任管理器中,但 webView 需要 SSL 而不是 X509 证书,是否可以转换?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/42435740/

25 4 0
文章推荐: c# - 无法使用 UWP 应用程序访问我系统上的 Word 文档
文章推荐: python - ValueError : Invalid property specified for object of type plotly. graph_objs.Pie: 'xaxis'
文章推荐: c# - 如何在 asp.net 中生成刷新 token ?
文章推荐: wordpress - 我已经在 wordpress 网站上安装了 SSL 证书,但是安装 ssl 图像后没有显示( Logo 图像等)
太空宇宙
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com