Android: exception when bringing in my own custom keystore

Time: 2012-06-11 07:30:17

Tags: android exception ssl keystore

I am generating a keystore from a certificate as follows:

export CLASSPATH=/Developer/BouncyCastle/bcprov-jdk16-146.jar
CERTSTORE=~/bitbucket/Android/CoooriJED/res/raw/mykeystore.bks
if [ -a $CERTSTORE ]; then
        rm $CERTSTORE || exit 1
fi
keytool \
        -importcert \
        -v \
        -trustcacerts \
        -alias 0 \
        -file <(openssl x509 -in mycert.pem) \
        -keystore $CERTSTORE \
        -storetype BKS \
        -provider org.bouncycastle.jce.provider.BouncyCastleProvider \
        -providerpath /Developer/BouncyCastle/bcprov-jdk16-146.jar \
        -storepass password

This generates a keystore with no apparent problems. In Eclipse I clean my Android project and see "mykeystore.bks" in the raw folder. I load the keystore as follows:

private KeyStore keyStore()
{
    try {
        KeyStore trusted = KeyStore.getInstance("BKS");
        InputStream in = context.getResources().openRawResource(R.raw.mykeystore);
        try {
            trusted.load(in, "password".toCharArray()); // *Throws an exception*
        } finally {
            in.close();
        }
        return trusted;
    } catch (Exception e) {
        throw new AssertionError(e);
    }
}

I call this method as follows (I have removed the exception handling to make it easier to read here):

HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
KeyManagerFactory kmf = KeyManagerFactory.getInstance("X509");
kmf.init(keyStore(), "password".toCharArray());

However, the line trusted.load(in, "password".toCharArray()) causes a "Wrong version of key store" IOException to be thrown. Why is that?

Thank you in advance.

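1 answer:

Answer 0 (score: 1)

Could it be that you are using the wrong version of the bcprov jar? There are different versions of it, and you need to pick the one that corresponds to your Java SDK: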

http://www.bouncycastle.org/latest_releases.html
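
An added diagnostic, not part of the original question or answer: the failing load() call starts by reading a version number from the keystore file, so inspecting the first bytes of the packaged file shows which BKS version keytool wrote, or whether the file is not a BKS container at all. The function names are hypothetical, and the header layout (4-byte big-endian version, then 4-byte salt length) is an assumption about BouncyCastle's BKS format that the page does not state.

```sh
#!/bin/sh
# Added example: classify a keystore file by its leading bytes.
# Assumed BKS header: 4-byte big-endian version, then 4-byte salt length.
# JKS and JCEKS are recognised by the JDK magic numbers 0xFEEDFEED / 0xCECECECE.

# hex_at FILE OFFSET -> the 4 bytes at OFFSET as 8 lowercase hex digits
hex_at() {
    od -An -v -tx1 -j "$2" -N 4 "$1" | tr -d ' \n'
}

# keystore_kind FILE -> one-line description of the container type
keystore_kind() {
    [ -r "$1" ] || { echo "unreadable"; return 1; }
    magic=$(hex_at "$1" 0)
    case "$magic" in
        00000000|00000001|00000002)
            salt=$(hex_at "$1" 4)
            # Heuristic: a real BKS file has a small positive salt length.
            if [ "${#salt}" -eq 8 ] && [ $((0x$salt)) -gt 0 ] \
                    && [ $((0x$salt)) -le 1024 ]; then
                echo "BKS version $((0x$magic))"
            else
                echo "BKS-like header, implausible salt length"
            fi ;;
        feedfeed) echo "JKS" ;;
        cececece) echo "JCEKS" ;;
        30*)      echo "DER data (possibly PKCS#12)" ;;
        "")       echo "empty" ;;
        *)        echo "unknown (first bytes: $magic)" ;;
    esac
}

# Stand-alone use: sh check_keystore.sh res/raw/mykeystore.bks
if [ $# -gt 0 ]; then
    keystore_kind "$1"
fi
```

Run it against both the file keytool produced and the copy that ends up in the built package: if the two differ, the file was altered during the build, and if the reported version is newer than the device's provider understands, regenerate the keystore with a matching bcprov jar.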