我正在开展一个项目,我的同事实施了一个https服务器,该服务器使用自签名服务器,我正在设计一个向其发送httpposts的Android应用程序。他用curl测试了它并没有问题。我使用的是Android 3.2,如果它是相关的。
按照本教程here,我生成了一个密钥库并将其添加到应用程序中,同时创建了一个自定义httpClient。我使用以下代码用post替换了get请求:
private InputStream postHttpConnection(String urlValue,
JSONObject jsonPost, Context context) {
InputStream inStream = null;
URL url;
try {
url = new URL(urlValue);
URLConnection conn = url.openConnection();
if (!(conn instanceof HttpURLConnection))
Log.e("postHttpConnection", "Fail: " + "Not an HTTP connection");
} catch (MalformedURLException e) {
Log.e("postHttpConnection", "Fail: " + e);
} catch (IOException e) {
Log.e("postHttpConnection", "Fail: " + e);
}
try {
DefaultHttpClient client = new MyHttpClient(context);
HttpConnectionParams
.setConnectionTimeout(client.getParams(), 10000);
HttpResponse postResponse;
HttpPost post = new HttpPost(urlValue);
StringEntity se = new StringEntity(jsonPost.toString());
post.setEntity(se);
post.setHeader("Accept", "application/json");
post.setHeader("Content-type", "application/json");
postResponse = client.execute(post);
inStream = postResponse.getEntity().getContent();
} catch (ClientProtocolException e) {
Log.e("postHttpConnection", "Fail: " + e);
} catch (IOException e) {
Log.e("postHttpConnection", "Fail: " + e);
}
return inStream;
}
当我使用此函数时,使用适当的JSONObject,我收到以下错误:
E/postHttpConnection(9236): Fail: javax.net.ssl.SSLException: Certificate for <address> doesn't contain CN or DNS subjectAlt
你能告诉我这与这有什么关系吗?谢谢。
答案 0 :(得分:4)
问题不在您的代码中,而在于证书中。您需要在证书的SubjectName.CommonName字段或证书的Subject Alternative Name扩展名中指定您的域名(客户端连接到的域名)。您需要重新创建证书,在执行此操作时,请查看有关如何指定CommonName的手册(您需要将其设置为“www.mydomain.com”)。
答案 1 :(得分:0)
private HttpClient getHttpClient(){
RegistryBuilder<ConnectionSocketFactory> registryBuilder = RegistryBuilder.<ConnectionSocketFactory> create();
ConnectionSocketFactory plainSF = new PlainConnectionSocketFactory();
registryBuilder.register("http", plainSF);
try {
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
TrustStrategy anyTrustStrategy = new TrustStrategy() {
@Override
public boolean isTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
return true;
}
};
SSLContext sslContext = SSLContexts.custom().useTLS().loadTrustMaterial(trustStore, anyTrustStrategy)
.build();
LayeredConnectionSocketFactory sslSF = new SSLConnectionSocketFactory(sslContext,
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
registryBuilder.register("https", sslSF);
} catch (Exception e) {
throw new RuntimeException(e);
}
Registry<ConnectionSocketFactory> registry = registryBuilder.build();
PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(registry);
HttpClient httpclient = HttpClientBuilder.create().setConnectionManager(connManager).build();
return httpclient;
}