public static async Task<string> CallApi(string url, Context context)
{
X509Certificate cert = null;
AndroidClientHandler clientHandler = new AndroidClientHandler();
var result = KeyChain.GetCertificateChain(context, "po");
cert = result[0]; // just for test
if (clientHandler.TrustedCerts != null)
{
clientHandler.TrustedCerts.Add(cert);
}
else
{
clientHandler.TrustedCerts = new List<Certificate>
{
cert
};
}
var keyStoreType = KeyStore.DefaultType;
var keyStore = KeyStore.GetInstance(keyStoreType);
keyStore.Load(null, null);
keyStore.SetCertificateEntry("po", cert);
// Create a TrustManager that trusts the CAs in our KeyStore
String tmfAlgorithm = TrustManagerFactory.DefaultAlgorithm;
TrustManagerFactory tmf = TrustManagerFactory.GetInstance(tmfAlgorithm);
tmf.Init(keyStore);
// Create an SSLContext that uses our TrustManager
SSLContext ctxt = SSLContext.GetInstance("TLS");
ctxt.Init(null, tmf.GetTrustManagers(), null);
var uri = new URL(url);
HttpsURLConnection urlConnection =
(HttpsURLConnection)uri.OpenConnection();
urlConnection.SSLSocketFactory = ctxt.SocketFactory;
// var inputStream = urlConnection.InputStream;
var client = new System.Net.Http.HttpClient(clientHandler);
var response = await client.GetAsync(url);
response.EnsureSuccessStatusCode();
string responseBody = await response.Content.ReadAsStringAsync();
return string.Empty;
}
}
我正在尝试将客户端证书与HttpClient请求一起使用。并使用以上代码进行通讯。但是在运行代码时,我得到了
Javax.Net.Ssl.SSLHandshakeException:java.security.cert.CertPathValidatorException:找不到证书路径的信任锚。
例外。附加调用堆栈以供参考。
Javax.Net.Ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. ---> Java.Security.Cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. ---> Java.Security.Cert.CertPathValidatorException: Trust anchor for certification path not found.
at java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:646)
at at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:605)
at at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:495)
at at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:418)
at at com.android.org.conscrypt.TrustManagerImpl.getTrustedChainForServer(TrustManagerImpl.java:339)
at at android.security.net.config.NetworkSecurityTrustManager.checkServerTrusted(NetworkSecurityTrustManager.java:94)
at at android.security.net.config.RootTrustManager.checkServerTrusted(RootTrustManager.java:88)
at at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:208)
at at com.android.org.conscrypt.ConscryptFileDescriptorSocket.verifyCertificateChain(ConscryptFileDescriptorSocket.java:404)
at at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at at com.android.org.conscrypt.NativeSsl.doHandshake(NativeSsl.java:375)
at at com.android.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(ConscryptFileDescriptorSocket.java:224)
at at com.android.okhttp.internal.io.RealConnection.connectTls(RealConnection.java:192)
at at com.android.okhttp.internal.io.RealConnection.connectSocket(RealConnection.java:149)
at at com.android.okhttp.internal.io.RealConnection.connect(RealConnection.java:112)
at at com.android.okhttp.internal.http.StreamAllocation.findConnection(StreamAllocation.java:184)
at at com.android.okhttp.internal.http.StreamAllocation.findHealthyConnection(StreamAllocation.java:126)
at at com.android.okhttp.internal.http.StreamAllocation.newStream(StreamAllocation.java:95)
at at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:281)
at at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:224)
at at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:461)
at at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:127)
at at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.connect(DelegatingHttpsURLConnection.java:89)
at at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:26)
--- End of inner exception stack trace ---
at java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:646)
at at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:605)
at at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:495)
at at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:418)
at at com.android.org.conscrypt.TrustManagerImpl.getTrustedChainForServer(TrustManagerImpl.java:339)
at at android.security.net.config.NetworkSecurityTrustManager.checkServerTrusted(NetworkSecurityTrustManager.java:94)
at at android.security.net.config.RootTrustManager.checkServerTrusted(RootTrustManager.java:88)
at at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:208)
at at com.android.org.conscrypt.ConscryptFileDescriptorSocket.verifyCertificateChain(ConscryptFileDescriptorSocket.java:404)
at at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at at com.android.org.conscrypt.NativeSsl.doHandshake(NativeSsl.java:375)
at at com.android.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(ConscryptFileDescriptorSocket.java:224)
at at com.android.okhttp.internal.io.RealConnection.connectTls(RealConnection.java:192)
at at com.android.okhttp.internal.io.RealConnection.connectSocket(RealConnection.java:149)
at at com.android.okhttp.internal.io.RealConnection.connect(RealConnection.java:112)
at at com.android.okhttp.internal.http.StreamAllocation.findConnection(StreamAllocation.java:184)
at at com.android.okhttp.internal.http.StreamAllocation.findHealthyConnection(StreamAllocation.java:126)
at at com.android.okhttp.internal.http.StreamAllocation.newStream(StreamAllocation.java:95)
at at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:281)
at at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:224)
at at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:461)
at at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:127)
at at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.connect(DelegatingHttpsURLConnection.java:89)
at at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:26)
at Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at ... 24 more
--- End of inner exception stack trace ---
at javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at at com.android.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(ConscryptFileDescriptorSocket.java:229)
at at com.android.okhttp.internal.io.RealConnection.connectTls(RealConnection.java:192)
at at com.android.okhttp.internal.io.RealConnection.connectSocket(RealConnection.java:149)
at at com.android.okhttp.internal.io.RealConnection.connect(RealConnection.java:112)
at at com.android.okhttp.internal.http.StreamAllocation.findConnection(StreamAllocation.java:184)
at at com.android.okhttp.internal.http.StreamAllocation.findHealthyConnection(StreamAllocation.java:126)
at at com.android.okhttp.internal.http.StreamAllocation.newStream(StreamAllocation.java:95)
at at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:281)
at at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:224)
at at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:461)
at at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:127)
at at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.connect(DelegatingHttpsURLConnection.java:89)
at at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:26)
at Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:646)
at at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:605)
at at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:495)
at at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:418)
at at com.android.org.conscrypt.TrustManagerImpl.getTrustedChainForServer(TrustManagerImpl.java:339)
at at android.security.net.config.NetworkSecurityTrustManager.checkServerTrusted(NetworkSecurityTrustManager.java:94)
at at android.security.net.config.RootTrustManager.checkServerTrusted(RootTrustManager.java:88)
at at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:208)
at at com.android.org.conscrypt.ConscryptFileDescriptorSocket.verifyCertificateChain(ConscryptFileDescriptorSocket.java:404)
at at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at at com.android.org.conscrypt.NativeSsl.doHandshake(NativeSsl.java:375)
at at com.android.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(ConscryptFileDescriptorSocket.java:224)
at ... 12 more
at Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at ... 24 more
任何人都可以帮助我找到造成此问题的真正原因。