之前:我已经尝试过这个:Provide own root-certificate for HTTPS-connection?和此Security with HTTPS and SSL以及一些overoverover-questions。
以前,我使用HTTP将POST数据发送到服务器。但是现在我想要出于安全原因更改为HTTPS / SSL。
到目前为止我的代码:
CertificateFactory cf =CertificateFactory.getInstance("X.509");
InputStreamcaInput caInput= new BufferedInputStream(getResources().openRawResource(R.raw.crtsrv));
Certificate ca;
try{
ca = cf.generateCertificate(caInput);
System.out.println(((X509Certificate) ca).getSubjectDN());
//This returns: OID.1.2.840.113549.1.9.1=#161C6265726E642E6672697363686D616E6E406F75746C6F6F6B2E636F6D, CN=IP, OU=UNIT, O=ORGANISATION, L=CITY, ST=STATE, C=AU
}finally{
caInput.close();
}
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null,null);
keyStore.setCertificateEntry("cn", ca);
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
URL url = new URL(link);
HttpsURLConnection urlConnection = (HttpsURLConnection)url.openConnection();
//The statement above throws the exception, look down!
urlConnection.setSSLSocketFactory(context.getSocketFactory());
//After this there is the Outputstreamwriter & Bufferedreader to write
//and read the answer from the server,
//so far there is an exception above!
异常1已解决:字符串链接以http://而非https://
开头编辑新例外:
javax.net.ssl.SSLHandshakeException:java.security.cert.CertPathValidatorException:未找到证书路径的信任锚。
应该解决什么问题?