Android有1024位证书的问题吗?

时间:2011-08-01 14:42:36

标签: android ssl-certificate

我遇到了Android(版本3.1和2.3.4)抛出的问题:

javax.net.ssl.SSLPeerUnverifiedException: No peer certificate

访问具有Versign V3 1024位证书(CN = VeriSign Class 3安全服务器CA-G2)的RSS服务器时出错。我可以使用Versign V3 2048位证书访问不同的服务器,它很好。有没有人知道Android是否存在旧版1024位证书的问题?

实际的堆栈跟踪如下所示:

08-01 08:24:54.390: ERROR/DownloadRssFeedTask(1260): Caused by: javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
08-01 08:24:54.390: ERROR/DownloadRssFeedTask(1260):     at org.apache.harmony.xnet.provider.jsse.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:258)
08-01 08:24:54.390: ERROR/DownloadRssFeedTask(1260):     at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:93)
08-01 08:24:54.390: ERROR/DownloadRssFeedTask(1260):     at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:381)
08-01 08:24:54.390: ERROR/DownloadRssFeedTask(1260):     at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:164)
08-01 08:24:54.390: ERROR/DownloadRssFeedTask(1260):     at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
08-01 08:24:54.390: ERROR/DownloadRssFeedTask(1260):     at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
08-01 08:24:54.390: ERROR/DownloadRssFeedTask(1260):     at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:359)
08-01 08:24:54.390: ERROR/DownloadRssFeedTask(1260):     at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
08-01 08:24:54.390: ERROR/DownloadRssFeedTask(1260):     at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
08-01 08:24:54.390: ERROR/DownloadRssFeedTask(1260):     at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)
08-01 08:24:54.390: ERROR/DownloadRssFeedTask(1260):     at org.springframework.http.client.HttpComponentsClientHttpRequest.executeInternal(HttpComponentsClientHttpRequest.java:80)
08-01 08:24:54.390: ERROR/DownloadRssFeedTask(1260):     at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:46)
08-01 08:24:54.390: ERROR/DownloadRssFeedTask(1260):     at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:56)
08-01 08:24:54.390: ERROR/DownloadRssFeedTask(1260):     at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:451)
08-01 08:24:54.390: ERROR/DownloadRssFeedTask(1260):     ... 10 more

1 个答案:

答案 0 :(得分:0)

你应该看一下这个帖子:

1024-bit SSL certificates provider

看起来使用1024位ssl证书太弱了。我查看了the code from apache harmony,但API看起来有点复杂(说实话,因为某些字段在SSLImpl类之外被修改了,这很笨拙),而且我找不到更多的信息。

看起来最好的解决方案是向您的网络托管服务提供商索取现代2048位x509证书。

此致  斯特凡

相关问题
最新问题