我正在尝试通过Last.fm's API进行身份验证。
在Android 4.3上,只需执行
即可HttpPost post = new HttpPost("https://ws.audioscrobbler.com/2.0/");
post.setEntity(new UrlEncodedFormEntity(params));
HttpClient client = new DefaultHttpClient();
HttpResponse response = client.execute(post);
但是在2.3.3我得到了
javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
然后我尝试了给出here的解决方案:
HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
DefaultHttpClient client = new DefaultHttpClient();
SchemeRegistry registry = new SchemeRegistry();
SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
registry.register(new Scheme("https", socketFactory, 443));
SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
DefaultHttpClient httpClient = new DefaultHttpClient(mgr, client.getParams());
// Set verifier
HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
HttpPost post = new HttpPost("https://ws.audioscrobbler.com/2.0/");
post.setEntity(new UrlEncodedFormEntity(params));
HttpResponse response = httpClient.execute(post);
但我仍然得到同样的错误。
然后我尝试了that:
HttpParams httpParams = new BasicHttpParams();
HttpProtocolParams.setVersion(httpParams, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(httpParams, HTTP.DEFAULT_CONTENT_CHARSET);
HttpProtocolParams.setUseExpectContinue(httpParams, true);
SchemeRegistry schReg = new SchemeRegistry();
schReg.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
schReg.register(new Scheme("https", SSLSocketFactory.getSocketFactory(), 443));
ClientConnectionManager conMgr = new ThreadSafeClientConnManager(httpParams, schReg);
DefaultHttpClient httpClient = new DefaultHttpClient(conMgr, httpParams);
HttpPost post = new HttpPost("https://ws.audioscrobbler.com/2.0/");
post.setEntity(new UrlEncodedFormEntity(params));
HttpResponse response = httpClient.execute(post);
再次失败。
有人可以帮忙吗?
答案 0 :(得分:1)
证书从服务器返回的方式似乎存在一些问题,或者可能是android系统密钥库没有相关的根证书来验证和完成握手。
查看问题中提到的网站的certificate chain information,在我看来链条没有正确排序。
您可以尝试回答here