建立连接时发生SSL连接错误

时间:2018-10-17 16:15:10

标签: android ssl tls1.2 okhttp3

对此,我是一个全新的人,经过一些研究,试图与服务器建立SSL / TLS连接以允许在定义的网络之外进行SOAP调用。我使用OKHttp3库进行调用,并使用私钥共享.P12文件,并设置SSL套接字工厂,如下所示

setupKeyCert(context);    
 final OkHttpClient client = new OkHttpClient();
    client.newBuilder()
            .connectTimeout(30, TimeUnit.SECONDS)
            .sslSocketFactory(sslContext.getSocketFactory(), mainX509TrustManager);

并在

中设置梯形失真和信任管理器
  

setupKeyCert()

try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            KeyManagerFactory keyManagerFactory = null;
            if(buildEnvironment == "prod")
            {
                keyStore.load(context.getAssets().open(Constants.CERT_PROD_FILE), password);

                keyManagerFactory = KeyManagerFactory.getInstance("X509");
                keyManagerFactory.init(keyStore, Constants.CERT_PROD_VALUE.toCharArray());

            } else
            {
                keyStore.load(context.getAssets().open(Constants.CERT_FILE), Constants.CERT_VALUE.toCharArray());
                keyManagerFactory = KeyManagerFactory.getInstance("X509");
                keyManagerFactory.init(keyStore, Constants.CERT_VALUE.toCharArray());
            }
            KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();

            //Adding TrustManagerFactory
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
                throw new IllegalStateException("Unexpected default trust managers:"
                        + Arrays.toString(trustManagers));
            }
            mainX509TrustManager = (X509TrustManager) trustManagers[0];


            sslContext = SSLContext.getInstance("TLSv1.2");
            sslContext.init(keyManagers, null, null);
        } catch (FileNotFoundException f)
        {
            Log.e("Excption File", String.valueOf(f));
        } catch (Exception i)
        {
            Log.e(TAG, "Exception", i);
        }

其中Constant.CERT_PROD_FILE引用包含文件名的常量字符串。 调试或拨打电话时,出现错误

  

javax.net.ssl.SSLProtocolException:SSL握手终止:   ssl = 0x8a163cc0:SSL库失败,通常是协议错误   错误:10000410:SSL   例程:OPENSSL_内部:SSLV3_ALERT_HANDSHAKE_FAILURE   (外部/无聊的ssl / src / ssl / s3_pkt.c:610 0x9f7e3d00:0x00000001)

我不确定我缺少什么,我尝试了其他解决方案,包括与android 7问题相关的bug,但仍然无法正常工作。我尝试调试,只能看到上面的错误,所以不确定是服务器还是客户端出现问题。谢谢您的帮助。

0 个答案:

没有答案
相关问题
最新问题