我在Android 5.0及更高版本上遇到了asmack SSL连接问题。我认为这与安全有关。
我通过在连接之前禁用以下来解决它:
config.setSASLAuthenticationEnabled(false);
config.setSecurityMode(SecurityMode.disabled);
但我确实希望启用安全性。如何解决它而不禁用setSecurityMode
?
我看了5.0的变化 http://developer.android.com/about/versions/android-5.0-changes.html#ssl
但无法找到解决方案
我的logcat是
02-26 17:28:20.596: W/System.err(23043): -- caused by: javax.net.ssl.SSLHandshakeException: Handshake failed
02-26 17:28:20.596: W/System.err(23043): javax.net.ssl.SSLHandshakeException: Handshake failed
02-26 17:28:20.596: W/System.err(23043): at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:392)
02-26 17:28:20.601: W/System.err(23043): at com.android.org.conscrypt.OpenSSLSocketImpl.waitForHandshake(OpenSSLSocketImpl.java:652)
02-26 17:28:20.601: W/System.err(23043): at com.android.org.conscrypt.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java:614)
02-26 17:28:20.601: W/System.err(23043): Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x9fca9e00: Failure in SSL library, usually a protocol error
02-26 17:28:20.601: W/System.err(23043): error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error (external/openssl/ssl/s23_clnt.c:765 0xaec30bf9:0x00000000)
02-26 17:28:20.601: W/System.err(23043): at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
02-26 17:28:20.601: W/System.err(23043): at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:320)
答案 0 :(得分:1)
问题是
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.ICE_CREAM_SANDWICH) {
config.setTruststoreType("AndroidCAStore");
config.setTruststorePassword(null);
config.setTruststorePath(null);
} else {
config.setTruststoreType("BKS");
String path = System.getProperty("javax.net.ssl.trustStore");
if (path == null)
path = System.getProperty("java.home") + File.separator
+ "etc" + File.separator + "security"
+ File.separator + "cacerts.bks";
config.setTruststorePath(path);
}
有了这个我使用自签名的ssl证书。应该通过在openfire上添加ssl证书并在应用程序中使用它来解决它
cvofjaspreet@gmail.com