0
我寫了一段代碼,需要在指定的網址上發佈到在線表單。該網站的SSL是一個自簽名SSL證書。我已經嘗試了一切,但繼續得到一個文件沒有發現異常。當我指定證書的URL時,它必須指向.crt文件的確切位置?Android:使用自簽名SSL通過網絡發佈證書
請看看下面的代碼,並請指導我在正確的方向:
public static byte[] doPost(String urlString, HashMap<String, String> postData, String certificateName) throws Exception
{
byte[] result = null;
// Load CAs from an InputStream
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
InputStream CAInput = new BufferedInputStream(new FileInputStream(certificateName));
Certificate certificate;
certificate = certificateFactory.generateCertificate(CAInput);
Dev.debug("Certificate: " + ((X509Certificate)certificate).getSubjectDN());
CAInput.close();
// Create Keystore containing our trusted certificates
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
keyStore.setCertificateEntry("tss_certificate", certificate);
// Create a TrustManager that trusts the CA in our KeyStore
String algorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);
tmf.init(keyStore);
// Create an SSLContext that uses our TrustManager
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
// Create URL and connection
// The url string is "keystore.crt"
URL url = new URL(urlString);
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
// Set connection properties
connection.setSSLSocketFactory(context.getSocketFactory());
connection.setRequestMethod("POST");
connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
connection.setDoOutput(true);
connection.setDoInput(true);
// Create an output stream and write encoded data to the stream
byte[] output = HttpPost.postEncode(postData).getBytes();
OutputStream out = new BufferedOutputStream(connection.getOutputStream());
out.write(output);
out.flush();
// Write to input stream
if (connection.getResponseCode() == HttpURLConnection.HTTP_OK)
{
InputStream in = connection.getInputStream();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
byte[] buffer = new byte[1024];
int read;
while ((read = in.read()) > -1) baos.write(buffer, 0, read);
result = baos.toByteArray();
}
connection.disconnect();
return result;
}
這裏是堆棧跟蹤:
06-07 20:16:09.445 2382-4296/techss.fitmentmanager W/System.err: java.io.FileNotFoundException: keystore: open failed: ENOENT (No such file or directory)
06-07 20:16:09.445 2382-4296/techss.fitmentmanager W/System.err: at libcore.io.IoBridge.open(IoBridge.java:452)
06-07 20:16:09.445 2382-4296/techss.fitmentmanager W/System.err: at java.io.FileInputStream.<init>(FileInputStream.java:76)
06-07 20:16:09.446 2382-4296/techss.fitmentmanager W/System.err: at java.io.FileInputStream.<init>(FileInputStream.java:103)
06-07 20:16:09.446 2382-4296/techss.fitmentmanager W/System.err: at techss.app_lib.HttpPostCert.doPost(HttpPostCert.java:34)
06-07 20:16:09.446 2382-4296/techss.fitmentmanager W/System.err: at techss.fitmentmanager.jobcard.jobcard_steps.JobCardStepSelectStateStaticAsset$2$override.run(JobCardStepSelectStateStaticAsset.java:104)
06-07 20:16:09.446 2382-4296/techss.fitmentmanager W/System.err: at techss.fitmentmanager.jobcard.jobcard_steps.JobCardStepSelectStateStaticAsset$2$override.access$dispatch(JobCardStepSelectStateStaticAsset.java)
06-07 20:16:09.446 2382-4296/techss.fitmentmanager W/System.err: at techss.fitmentmanager.jobcard.jobcard_steps.JobCardStepSelectStateStaticAsset$2.run(JobCardStepSelectStateStaticAsset.java:0)
06-07 20:16:09.449 2382-4296/techss.fitmentmanager W/System.err: Caused by: android.system.ErrnoException: open failed: ENOENT (No such file or directory)
06-07 20:16:09.449 2382-4296/techss.fitmentmanager W/System.err: at libcore.io.Posix.open(Native Method)
06-07 20:16:09.449 2382-4296/techss.fitmentmanager W/System.err: at libcore.io.BlockGuardOs.open(BlockGuardOs.java:186)
06-07 20:16:09.449 2382-4296/techss.fitmentmanager W/System.err: at libcore.io.IoBridge.open(IoBridge.java:438)
06-07 20:16:09.449 2382-4296/techss.fitmentmanager W/System.err: ... 6 more
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:328)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.http.SocketConnector.connectTls(SocketConnector.java:103)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.Connection.connect(Connection.java:143)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.Connection.connectAndSetOwner(Connection.java:185)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:128)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.http.HttpEngine.nextConnection(HttpEngine.java:341)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:330)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:248)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:433)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.huc.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:384)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.huc.HttpURLConnectionImpl.getInputStream(HttpURLConnectionImpl.java:231)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.getInputStream(DelegatingHttpsURLConnection.java:210)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at techss.app_lib.CSVFile.importCsv(CSVFile.java:19)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at techss.fitmentmanager.jobcard.jobcard_steps.JobCardStepSelectStateStaticAsset$1.run(JobCardStepSelectStateStaticAsset.java:72)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:318)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:219)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:115)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:556)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:324)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: ... 14 more
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: ... 20 more
感謝您的快速回復,但我正在做第二個例子所說的。我正在創建一個密鑰庫,但它正在我嘗試訪問的密鑰庫文件上拋出一個'FileNotFoundException'。我在我的服務器上有一個密鑰庫文件,我正在嘗試訪問該文件中的證書,但未找到該文件是問題的一部分。路徑是否必須位於該文件位置,還是由服務器提取?我不想採取步驟1來防止特別爲什麼有證書的攻擊。 –
您是否試圖從推出的服務器中選擇證書文件? (服務器是否有有效的證書?) – josemgu91
是的我試圖從服務器中選擇證書。服務器在KeyStore文件中有一個有效的自簽名證書。 –