我正在开发一个需要通过HTTPS连接进行连接的android应用程序。但我得到IOException - 握手失败。
我所做的如下
首先,使用openssl获取服务器证书链
openssl s_client -connect www.bt.com.tn:443
得到了
> CONNECTED(00000003)
depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/C=TN/ST=Tunis/L=TUNIS/O=Banque de Tunisie/OU=Direction de la monetique et du marketing/CN=online.bt.com.tn
i:/C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4
1 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
2 s:/C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4
i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIQZtDWeo7G+J9ULuNMHiR/zTANBgkqhkiG9w0BAQsFADB+
MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAd
BgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLzAtBgNVBAMTJlN5bWFudGVj
IENsYXNzIDMgU2VjdXJlIFNlcnZlciBDQSAtIEc0MB4XDTE1MDYwOTAwMDAwMFoX
DTE4MDcyMjIzNTk1OVowgZgxCzAJBgNVBAYTAlROMQ4wDAYDVQQIDAVUdW5pczEO
MAwGA1UEBwwFVFVOSVMxGjAYBgNVBAoMEUJhbnF1ZSBkZSBUdW5pc2llMTIwMAYD
VQQLDClEaXJlY3Rpb24gZGUgbGEgbW9uZXRpcXVlIGV0IGR1IG1hcmtldGluZzEZ
MBcGA1UEAwwQb25saW5lLmJ0LmNvbS50bjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANfTQ0Dv2PwpDOGMsOG8r51Oc/aB8GJZrukelLgnqwTSQuCgXzyq
v2vRIvUtAXRyw/htfiSQXM0jyWgcMJgNSDkgb5IpVHj8P0V7zKehBe1DeuyF3bXM
QxxdcPW4pSBvL+c6a/EywpaQ+vyAJbP4Q5XOGstswZ8G0uwVIGLwfhz9E+lmYT6I
I5gnrifsxPJaTlENh8bke0T9mbIUtg01nJJ2yXuZ5bT+ZmNProkzxsk2mvoE3cv0
FtUeRmL4uAtLm881xnzrBEcxPtorGB96zfvczSA2O/0k4kUgLwXi12Lz9qcAe9s8
TB0MBoDCrVT2VWuQMHm1aIDQHNgiDQduVHMCAwEAAaOCAWUwggFhMBsGA1UdEQQU
MBKCEG9ubGluZS5idC5jb20udG4wCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAw
YQYDVR0gBFowWDBWBgZngQwBAgIwTDAjBggrBgEFBQcCARYXaHR0cHM6Ly9kLnN5
bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGQwXaHR0cHM6Ly9kLnN5bWNiLmNvbS9y
cGEwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NzLnN5bWNiLmNvbS9zcy5jcmww
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB8GA1UdIwQYMBaAFF9gz2GQ
Vd+EQxSKYCqy9Xr0QxjvMFcGCCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0
cDovL3NzLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL3NzLnN5bWNiLmNv
bS9zcy5jcnQwDQYJKoZIhvcNAQELBQADggEBAI9wq6Bh6mTe8jrjsWtzn0yLy/Ht
34n6h5jl0EP4t2Qz6WET15kwZ7z1nBTB/Otjx0Vr4nVwr2f8ynn4iBYkDZZdmKKb
JtETyzO0aVdc4gUffNaszqzCHW9Kjwao0fZGO6N8a0wCzVcJPTs3egnJOHs5hsA7
Np318ststO9pQPfdbMK33+BSiUVnVeG56JMfQzOFHkv05cgPi+2bZ9p5gRKwuFSw
VWbELRFJTHxgovFI5+33+JXD0OaYPjRVvCoNdaf1DCtvaO2ZOvHjbmoO7XiTKYRz
o87XrSJuPJVFBMPtP2Gd+bkArzHl+6774RTaTdBaDueIk0O4kMhjZUxcl2g=
-----END CERTIFICATE-----
subject=/C=TN/ST=Tunis/L=TUNIS/O=Banque de Tunisie/OU=Direction de la monetique et du marketing/CN=online.bt.com.tn
issuer=/C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4
---
No client certificate CA names sent
---
SSL handshake has read 4573 bytes and written 328 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID: 59735BD9ABE9BBBA8F9B4041EAE4A25A47E6E125ADB3BBDEBD75C1CDDAA51551
Session-ID-ctx:
Master-Key: 06EE7455B1C0810E82B429E19FF400EFD8CF4052807F5AEDA52CA4BCBBD8A6DB6251ABB8FD49675624050B4A06920860
Key-Arg : None
Start Time: 1465465568
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
closed