我有一个Android应用程序正在侦听套接字连接,可以读取httpheaders(通过浏览器发送(工作得很好!))。现在我不会切换到SSL套接字,但我无法完成它。
我开始工作的事情
我没有工作的事情(以及我需要帮助的地方):
码
public void run() {
try {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(service.getBaseContext().getResources().openRawResource(R.raw.keystore),"password".toCharArray());
ServerSocketFactory socketFactory = SSLServerSocketFactory
.getDefault();
SSLServerSocket mServerSocket = (SSLServerSocket) socketFactory
.createServerSocket(8080);
while (!mServerSocket.isClosed()) {
mServerSocket.setEnabledCipherSuites(mServerSocket.getSupportedCipherSuites());
mServerSocket.setEnabledProtocols(mServerSocket.getSupportedProtocols());
System.out.println("waiting");
SSLSocket client = (SSLSocket) mServerSocket.accept();
client.addHandshakeCompletedListener(new HandshakeCompletedListener(){
public void handshakeCompleted(HandshakeCompletedEvent arg0) {
System.out.println("handshakeCompleted");
}
});
client.startHandshake(); //MultiThreadWebServer.java:136
client.getOutputStream().flush();
client.close();
}
} catch (Exception e) {
e.printStackTrace();
}
}
例外:
11-29 11:15:01.046: W/System.err(29941): javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x4fec3da8: Failure in SSL library, usually a protocol error
11-29 11:15:01.046: W/System.err(29941): error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher (external/openssl/ssl/s3_srvr.c:1365 0x41b1e7f8:0x00000000)
11-29 11:15:01.046: W/System.err(29941): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:436)
11-29 11:15:01.046: W/System.err(29941): at at.aichinger.mario.aws.MultiThreadWebServer.run(MultiThreadWebServer.java:136)
连接到服务器我使用google cheome并访问“https://192.168.0.25:8080”如果我这样做,Exception会被抛出。
代码在线MultiThreadWebServer.java:136:
client.startHandshake();
答案 0 :(得分:0)
首先,这两行没有任何意义。如果要限制支持的密码套件和协议,请专门定义它们。但是你必须要小心,并非浏览器都支持所有密码套件。
mServerSocket.setEnabledCipherSuites(mServerSocket.getSupportedCipherSuites());
mServerSocket.setEnabledProtocols(mServerSocket.getSupportedProtocols());
代码中的问题是您没有使用密钥库。试试这个:
public void run() {
try {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(service.getBaseContext().getResources().openRawResource(R.raw.keystore),
"password".toCharArray());
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, "password".toCharArray());
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(keyManagerFactory.getKeyManagers(), null, null);
ServerSocketFactory socketFactory = sslContext.getServerSocketFactory();
SSLServerSocket mServerSocket = (SSLServerSocket) socketFactory.createServerSocket(8080);
while (!mServerSocket.isClosed()) {
System.out.println("waiting");
SSLSocket client = (SSLSocket) mServerSocket.accept();
client.addHandshakeCompletedListener(new HandshakeCompletedListener() {
public void handshakeCompleted(HandshakeCompletedEvent arg0) {
System.out.println("handshakeCompleted");
}
});
client.startHandshake(); // MultiThreadWebServer.java:136
client.getOutputStream().flush();
client.close();
}
} catch (Exception e) {
e.printStackTrace();
}
}
答案 1 :(得分:0)
请始终定义将在应用程序中使用的密钥库的类型,而不是使用密钥库的缺省类型。否则,服务器和客户端之间可能会发生密钥库不匹配的情况。