我有做休息的项目需要到HTTPS后端 这其中的一些设备工作正常,和其他人休息。
I have a project making REST calls to an HTTPS backend It which works fine on some devices, and breaks on others.
这是我的错误:
com.android.volley.NoConnectionError: javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException:SSL握手中止: SSL = 0x78004ee8:失败的SSL库,通常一个协议错误 错误:140770FCSL routinesSL23_GET_SERVER_HELLO:未知协议 (外部/ OpenSSL的/ SSL / s23_clnt.c:766 0x731f5d5c:00000000)
com.android.volley.NoConnectionError: javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x78004ee8: Failure in SSL library, usually a protocol error error:140770FCSL routinesSL23_GET_SERVER_HELLO:unknown protocol (external/openssl/ssl/s23_clnt.c:766 0x731f5d5c:0x00000000)
看着凌空文件,他们提到
Looking at the Volley documentation, they mention
你可以有你自己的HTTPStack(以处理SSL连接[...])
"You can include your own HTTPStack ( to handle SSL connections [...])"
已经有人这样做的凌空?如果是的话可以请你分享你的变化?
注:该证书是由已经在设备的受信任的证书的有效实体签署
Notes: The Certificate is signed by a valid entity which was already in the trusted certificates of the devices.
下面是我的解决办法:
在方法类排球
public static RequestQueue newRequestQueue(Context context, HttpStack stack)
找到以下文字:
locate the following text:
stack = new HurlStack();
然后该行更改为:
Then change this line to:
stack = new HurlStack(null, createSslSocketFactory());
在那里方法 createSslSocketFactory()
定义如下:
private static SSLSocketFactory createSslSocketFactory() {
TrustManager[] byPassTrustManagers = new TrustManager[]{new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
public void checkClientTrusted(X509Certificate[] chain, String authType) {
}
public void checkServerTrusted(X509Certificate[] chain, String authType) {
}
}};
SSLContext sslContext = null;
SSLSocketFactory sslSocketFactory = null;
try {
sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, byPassTrustManagers, new SecureRandom());
sslSocketFactory = sslContext.getSocketFactory();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
Log.e(TAG, StringUtils.EMPTY, e);
} catch (KeyManagementException e) {
Log.e(TAG, StringUtils.EMPTY, e);
}
return sslSocketFactory;
}
我知道,这是不是安全的,我却用它仅用于测试目的。您可以通过接受来自您的服务器只证书提高了安全性。
I know that this is not secure, but I use it for testing purposes only. You can improve the security by accepting only certificates from your servers.