我写了一段代码,需要在指定的网址上发布到在线表单。该站点的SSL是自签名SSL证书。我已经尝试了一切,但一直得到一个文件未找到异常。当我指定证书的URL时,它必须指向.crt文件的确切位置吗?
请查看下面的代码,请指导我正确的方向:
public static byte[] doPost(String urlString, HashMap<String, String> postData, String certificateName) throws Exception
{
byte[] result = null;
// Load CAs from an InputStream
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
InputStream CAInput = new BufferedInputStream(new FileInputStream(certificateName));
Certificate certificate;
certificate = certificateFactory.generateCertificate(CAInput);
Dev.debug("Certificate: " + ((X509Certificate)certificate).getSubjectDN());
CAInput.close();
// Create Keystore containing our trusted certificates
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
keyStore.setCertificateEntry("tss_certificate", certificate);
// Create a TrustManager that trusts the CA in our KeyStore
String algorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);
tmf.init(keyStore);
// Create an SSLContext that uses our TrustManager
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
// Create URL and connection
// The url string is "keystore.crt"
URL url = new URL(urlString);
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
// Set connection properties
connection.setSSLSocketFactory(context.getSocketFactory());
connection.setRequestMethod("POST");
connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
connection.setDoOutput(true);
connection.setDoInput(true);
// Create an output stream and write encoded data to the stream
byte[] output = HttpPost.postEncode(postData).getBytes();
OutputStream out = new BufferedOutputStream(connection.getOutputStream());
out.write(output);
out.flush();
// Write to input stream
if (connection.getResponseCode() == HttpURLConnection.HTTP_OK)
{
InputStream in = connection.getInputStream();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
byte[] buffer = new byte[1024];
int read;
while ((read = in.read()) > -1) baos.write(buffer, 0, read);
result = baos.toByteArray();
}
connection.disconnect();
return result;
}
这是stacktrace:
06-07 20:16:09.445 2382-4296/techss.fitmentmanager W/System.err: java.io.FileNotFoundException: keystore: open failed: ENOENT (No such file or directory)
06-07 20:16:09.445 2382-4296/techss.fitmentmanager W/System.err: at libcore.io.IoBridge.open(IoBridge.java:452)
06-07 20:16:09.445 2382-4296/techss.fitmentmanager W/System.err: at java.io.FileInputStream.<init>(FileInputStream.java:76)
06-07 20:16:09.446 2382-4296/techss.fitmentmanager W/System.err: at java.io.FileInputStream.<init>(FileInputStream.java:103)
06-07 20:16:09.446 2382-4296/techss.fitmentmanager W/System.err: at techss.app_lib.HttpPostCert.doPost(HttpPostCert.java:34)
06-07 20:16:09.446 2382-4296/techss.fitmentmanager W/System.err: at techss.fitmentmanager.jobcard.jobcard_steps.JobCardStepSelectStateStaticAsset$2$override.run(JobCardStepSelectStateStaticAsset.java:104)
06-07 20:16:09.446 2382-4296/techss.fitmentmanager W/System.err: at techss.fitmentmanager.jobcard.jobcard_steps.JobCardStepSelectStateStaticAsset$2$override.access$dispatch(JobCardStepSelectStateStaticAsset.java)
06-07 20:16:09.446 2382-4296/techss.fitmentmanager W/System.err: at techss.fitmentmanager.jobcard.jobcard_steps.JobCardStepSelectStateStaticAsset$2.run(JobCardStepSelectStateStaticAsset.java:0)
06-07 20:16:09.449 2382-4296/techss.fitmentmanager W/System.err: Caused by: android.system.ErrnoException: open failed: ENOENT (No such file or directory)
06-07 20:16:09.449 2382-4296/techss.fitmentmanager W/System.err: at libcore.io.Posix.open(Native Method)
06-07 20:16:09.449 2382-4296/techss.fitmentmanager W/System.err: at libcore.io.BlockGuardOs.open(BlockGuardOs.java:186)
06-07 20:16:09.449 2382-4296/techss.fitmentmanager W/System.err: at libcore.io.IoBridge.open(IoBridge.java:438)
06-07 20:16:09.449 2382-4296/techss.fitmentmanager W/System.err: ... 6 more
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:328)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.http.SocketConnector.connectTls(SocketConnector.java:103)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.Connection.connect(Connection.java:143)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.Connection.connectAndSetOwner(Connection.java:185)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:128)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.http.HttpEngine.nextConnection(HttpEngine.java:341)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:330)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:248)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:433)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.huc.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:384)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.huc.HttpURLConnectionImpl.getInputStream(HttpURLConnectionImpl.java:231)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.getInputStream(DelegatingHttpsURLConnection.java:210)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at techss.app_lib.CSVFile.importCsv(CSVFile.java:19)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at techss.fitmentmanager.jobcard.jobcard_steps.JobCardStepSelectStateStaticAsset$1.run(JobCardStepSelectStateStaticAsset.java:72)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:318)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:219)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:115)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:556)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:324)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: ... 14 more
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: ... 20 more
答案 0 :(得分:0)
您正在接收SSL例外,因此我认为您正在尝试从不受信任的主机(或自签名)下载您的证书。如果你想这样做,你有两个选择: - 信任所有证书(不建议这样做,因为您接触到了攻击者)。 - 仅限您的自签名证书。 如果您想信任所有证书,请a way to do that(不推荐)。 如果您只想接受您的证书,那么您可以手动下载并安装,或者如果您想通过代码执行,那么您this answer might help you。