可能重复:
javax.net.ssl.SSLException: Not trusted server certificate
我正在尝试使用带有.bks密钥库的“https”方案连接到服务器,但由于此问题我无法连接。
任何人都可以告诉我这是什么原因以及如何解决这个问题。
这是我的代码
public String httpRestGetCallwithCertificate(String url, String payLoad) {
String result = null;
DefaultHttpClient httpClient = null;
KeyStore trustStore = null;
try {
httpClient = new DefaultHttpClient(getHttpParams());
HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
HttpHost targetHost = new HttpHost("hostname","portno","https");
httpClient.getCredentialsProvider().setCredentials(
new AuthScope(targetHost.getHostName(), targetHost.getPort()),
new UsernamePasswordCredentials("username","password"));
trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
InputStream instream = mContext.getResources().openRawResource(R.raw.truststore);
try {
trustStore.load(instream, "password".toCharArray());
} finally {
try { instream.close(); } catch (Exception ignore) {}
}
SchemeRegistry registry = new SchemeRegistry();
SSLSocketFactory socketFactory = new SSLSocketFactory(trustStore);
socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
Scheme sch = new Scheme("https", socketFactory, 443);
registry.register(sch);
HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
httpClient.getConnectionManager().getSchemeRegistry().register(sch);
HttpGet httpget = new HttpGet(url);
HttpResponse response = httpClient.execute(httpget);
if (response != null && response.getStatusLine().getStatusCode() == HttpStatus.SC_OK) {
return "success"
}
} catch (UnsupportedEncodingException exception) {
exception.printStackTrace();
} catch (ConnectTimeoutException exception) {
Log.e(TAG, "Network connetcion is not available");
exception.printStackTrace();
}catch(SocketTimeoutException exception){
Log.e(TAG, "Socket timed out.");
exception.printStackTrace();
} catch (IOException exception) {
Log.v("IO Exception", exception.toString());
exception.printStackTrace();
} catch (KeyStoreException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (UnrecoverableKeyException e) {
e.printStackTrace();
} catch (CertificateException e) {
e.printStackTrace();
} finally {
if (httpClient.getConnectionManager() != null) {
httpClient.getConnectionManager().shutdown();
}
httpPost = null;
}
return "fail";
}
以下是我的堆栈跟踪
03-06 16:53:50.460: W/System.err(1655): javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
03-06 16:53:50.460: W/System.err(1655): at org.apache.harmony.xnet.provider.jsse.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:137)
03-06 16:53:50.470: W/System.err(1655): at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:93)
03-06 16:53:50.470: W/System.err(1655): at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:381)
03-06 16:53:50.470: W/System.err(1655): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:165)
03-06 16:53:50.470: W/System.err(1655): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
03-06 16:53:50.470: W/System.err(1655): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
03-06 16:53:50.470: W/System.err(1655): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:360)
03-06 16:53:50.480: W/System.err(1655): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
03-06 16:53:50.480: W/System.err(1655): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
03-06 16:53:50.480: W/System.err(1655): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)
我在执行下面的行
时遇到异常HttpResponse response = httpClient.execute(httpget);
答案 0 :(得分:-1)
正如Danial在回答以下问题时所说, 我们应该从org.apache.http.conn.ssl.SSLSocketFactory创建一个自定义类,而不是一个org.apache.http.conn.ssl.SSLSocketFactory本身