我开始遵循一个不在
Android环境中的教程,并得出以下结论:
System.setProperty("javax.net.ssl.trustStore","truststore"); System.setProperty("javax.net.ssl.trustStorePassword","password"); SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory.getDefault(); try { Socket s = ssf.createSocket("192.168.2.11",6543); PrintWriter out = new PrintWriter(s.getoutputStream()); while (true){ out.println("SSL TEST"); Log.d("DATA","DATA SENT"); } } catch (UnkNownHostException e) { // Todo Auto-generated catch block e.printstacktrace(); } catch (IOException e) { // Todo Auto-generated catch block e.printstacktrace(); }
我想这可以归结为几个问题:
>我没有创建自己的信任商店,但是在线搜索教程和内容,我不知道如何创建一个.有没有办法创建或修改信托商店以获得我需要的证书? (如果有任何差异,我正在使用自签名证书)
>如何使SSL握手顺利运行?现在,我得到的错误是:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
解决方法
1)这取决于您是否在服务器端具有自签名证书,并且您尝试验证您的身份到Android设备?或者您是否在Android端尝试验证您的idendity到服务器?如果是前者,那么请看这个链接:
http://www.codeproject.com/KB/android/SSLVerification_Android.aspx?display=Mobile
您要特别注意KeyStore文件的位置.
2)您收到该错误的原因是因为您不信任您正在连接的服务器,因为您没有正确创建信任库,或者您正在连接到其证书尚未添加到信任库的服务器.你到底要连接什么?
3)确保你有< uses-permission android:name =“android.permission.INTERNET”/>在manifest.xml中.
编辑
我的道歉请看我对第一段的修改.
这是初始化您的密钥库和信任库的部分
SSLcontext sslContext = SSLContext.getDefault();
KeyStore trustSt = KeyStore.getInstance("BKS");
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
InputStream trustStoreStream = this.getResources().openRawResource(R.raw.truststore);
trustSt.load(trustStoreStream,"<yourpassword>".tochararray());
trustManagerFactory.init(trustStre);
KeyStore keyStore = KeyStore.getInstance("BKS");
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
InputStream keyStoreStream = this.getResources().openRawResource(R.raw.keystore);
keyStore.load(keyStoreStream,"<yourpassword>".tochararray());
keyManagerFactory.init(keyStore,"<yourpassword>".tochararray());
sslContext.init(keyManagerFactory.getKeyManagers(),trustManagerFactory.getTrustManagers(),null);
