错误https请求android< 20

时间:2017-11-23 17:02:00

标签: android https android-4.4-kitkat okhttp3 alexa-voice-service

我正在尝试使用OKhttp3开发一款与亚马逊alexa交流的应用。当我在Android API 26上尝试应用程序时,一切正常。 但是一旦我开始使用Android API 19,每个https://avs-alexa-na.amazon.com/请求都会失败
在使用API​​ 19之前,我使用此功能打开下行通道。

    final String url = "https://avs-alexa-na.amazon.com/";
    final String version = "v20160207";
    final Request request = new Request.Builder()
            .get()
            .header("Authorization", "Bearer " + myApplication.getAccessToken())
            .url(url + version + "/directives")
            .build();
    try {
        final OkHttpClient client = new OkHttpClient();
        Response response = client.newCall(request).execute();
        Log.i("Down channel", "opened");
    } catch (Exception ex) {
        Log.e("Down channel", "error Sending request " + ex.getLocalizedMessage());
    }


但是现在这个函数返回javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb969de80: Failure in SSL library, usually a protocol error error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x8d954990:0x00000000)

所以在关注了一些帖子之后我就知道android 19没有默认安装TLSv1.2所以我添加了一个函数来安装它并开始出现这个错误:unexpected end of stream on Connection{avs-alexa-na.amazon.com:443, proxy=DIRECT@ hostAddress=avs-alexa-na.amazon.com/54.239.39.74:443 cipherSuite=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 protocol=http/1.1}

我开始探索使用证书的其他方式(我的证书,以及openssl s_client -connect avs-alexa-eu.amazon.com:443获得的亚马逊证书:

SSLContext sslContext;
    TrustManager[] trustManagers;
    try {
        final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        final InputStream certInputStream = activity.getResources().openRawResource(R.raw.cert);
        InputStream avscertInputStream = activity.getResources().openRawResource(R.raw.amazon_avs_cert);
        final CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        final Certificate cert = certificateFactory.generateCertificate(certInputStream);
        final Certificate avscert = certificateFactory.generateCertificate(avscertInputStream);
        keyStore.setCertificateEntry("amazon_avs", avscert);
        keyStore.setCertificateEntry("cert", cert);
        final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        trustManagers = trustManagerFactory.getTrustManagers();
        sslContext = SSLContext.getInstance("TLSv1.2");
        sslContext.init(null, trustManagers, null);
        return new OkHttpClient.Builder()
                .sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager) trustManagers[0])
                .build();
    } catch (Exception e) {
        e.printStackTrace();
        return new OkHttpClient();
    }

但它导致java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

我迷路了,我不知道自己做错了什么或者我做了什么。谢谢你的帮助。

0 个答案:

没有答案
相关问题
最新问题