我有一个自签名的服务器证书（cert.pem），并需要启用它的SSL套在一个Android应用程序。理想情况下，我想打包code为.jar文件，而不需要外部的证书文件（即包括它变成了code）。

I have a self signed server certificate (cert.pem) and need to enable it for SSL sockets in an Android application. Ideally I'd like to package the code as .jar file and not need an external certificate file (i.e. include it into the code).

通过这个code，我可以接受所有证书，这是不是我想要的：

With this code I can accept all certificates, which is not what I want:

SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, new TrustManager [] { new MyTrustManager() }, new SecureRandom());

我是否需要将证书添加到自定义的KeyManager或自定义的TrustManager？

Do I need to add the certificate to a custom KeyManager or the custom TrustManager?

我遇到的一个问题是，Android不接受JKS密钥（KeyStore.getDefaultType（）返回BKS）： java.security.KeyStoreException：找不到密钥库JKS实施

One problem I've encountered is that Android does not accept JKS keystores (KeyStore.getDefaultType() returns "BKS"): "java.security.KeyStoreException: KeyStore JKS implementation not found"

任何想法如何进行将是非常美联社preciated！

Any ideas how to proceed would be highly appreciated!

推荐答案

是的，你需要将证书添加到自定义密钥库。它基本上是一个4个步骤：

Yes, you need to add the certificate to a custom KeyStore. It is basically a 4-step process:

请参阅此链接了解详细的说明和示例code： http://randomizedsort.blogspot.com/2010/09/step-to-step-guide-to-programming.html

See this link for detailed instructions and sample code: http://randomizedsort.blogspot.com/2010/09/step-to-step-guide-to-programming.html

祝你好运。照片 Nehc

Good luck. Nehc