我有以下用Java编写的源代码,它创建了与远程服务器的https连接并向http服务器发出了一些请求:
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.*;
import java.security.cert.X509Certificate;
import java.security.*;
import javax.net.ssl.SSLContext;
import org.apache.http.HttpEntity;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import javax.net.ssl.SSLContext;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.util.EntityUtils;
public class trustStore {
public static void main(String[] args) throws Exception {
char[] password = "OQASNRati6c=".toCharArray();
FileInputStream fIn = new FileInputStream("lamkin.p12");
KeyStore keystore = KeyStore.getInstance("PKCS12");
keystore.load(fIn, password);
SSLContext sslcontext = SSLContexts.custom().loadTrustMaterial(keystore, new TrustSelfSignedStrategy()).build();
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext, new String[] { "TLSv1" }, null, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(sslsf).build();
try {
HttpGet httpget = new HttpGet("https://172.20.175.1/kani/");
System.out.println("executeng request" + httpget.getRequestLine());
CloseableHttpResponse response = httpclient.execute(httpget);
try {
HttpEntity entity = response.getEntity();
System.out.println("-------------------------------");
System.out.println(response.getStatusLine());
if (entity != null) {
System.out.println("Response content lingth: " + entity.getContentLength());
}
EntityUtils.consume(entity);
} finally {
response.close();
}
} finally {
httpclient.close();
}
}
}
我尝试为Android平台做同样的事情,我遇到了问题:如何在Android应用程序中释放下一个代码串:
SSLContext sslcontext = SSLContexts.custom().loadTrustMaterial(keystore, new TrustSelfSignedStrategy()).build();
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext, new String[] { "TLSv1" }, null, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(sslsf).build();
我在Android SDK CloseableHttpClient,SSLContexts,SSLConnectionSOcketFactory中找不到。 任何人都可以告诉我什么是SSLSocketFactory?为什么需要?
更新:
我尝试使用以下代码行:
FileInputStream fIn = new FileInputStream("lamkin.p12");
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(fIn, password);
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(keyStore);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(keyStore, password);
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
URL url = new URL("https://kompot.petrsu.ru/kani/");
HttpsURLConnection urlConnection = (HttpsURLConnection)url.openConnection();
urlConnection.setSSLSocketFactory(context.getSocketFactory());
InputStream in = urlConnection.getInputStream();
它在Ubuntu OS上不起作用,出现以下异常:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
我在Android操作系统上做了同样的事情,然后我得到了以下异常:
04-11 11:35:30.123: W/System.err(4880): javax.net.ssl.SSLHandshakeException:
java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
04-11 11:35:30.133: W/System.err(4880): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:401)
04-11 11:35:30.133: W/System.err(4880): at libcore.net.http.HttpConnection.setupSecureSocket(HttpConnection.java:209)
04-11 11:35:30.133: W/System.err(4880): at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.makeSslConnection(HttpsURLConnectionImpl.java:478)
04-11 11:35:30.133: W/System.err(4880): at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:433)
etc...
可能有什么问题?