DefaultHttpClient，证书，HTTPS和张贴问题！证书、问题、DefaultHttpClient、HTTPS

2023-09-05 10:28:30 作者：花心少年多癡情!

我的应用程序需要能够发布到https和preserve是与饼干创建的会话。到目前为止，我有尝试的问题，并没有工作几种不同的方式。目前，我正在研究使用DefaultHttpClient，因为它应该自动$使用cookie方式创建p $ pserve会议。这节省了我的阅读Cookie，并与每一个其他后提交的痛苦。然而，当我尝试后使用$ C $词有，后失败与下面列出的证书错误。

我有这个证书错误早些时候另一种方式我正在试图解决这个问题，并得到了其与HttpsURLConnection工作，但不自动preserve会议与饼干。

是否有人可以看看我的code，告诉我什么，我做错了，我可以做的更好，什么需要改变，以得到它的工作？谢谢！！

我一直在试图解决这个问题了几天，现在，我越来越知道在哪里。每次我远一点我得到进一步推后。是否有人可以帮助我！ =）

  //我的发帖功能
    私有静态字符串后（字符串urlString，列表和LT;的NameValuePair＆GT; namevaluepairs中）
    抛出MalformedURLException的，的ProtocolException，IOException异常{
        DataOutputStream类ostream的= NULL;

        的HostnameVerifier的HostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;

        DefaultHttpClient客户端=新DefaultHttpClient（）;

        SchemeRegistry注册表=新SchemeRegistry（）;
        SSLSocketFactory的的SocketFactory = SSLSocketFactory.getSocketFactory（）;
        socketFactory.setHostnameVerifier（（X509HostnameVerifier）的HostnameVerifier）;
        registry.register（新计划（https开头，的SocketFactory，443））;
        SingleClientConnManager经理=新SingleClientConnManager（client.getParams（），注册）;
        DefaultHttpClient HTTP =新DefaultHttpClient（经理，client.getParams（））;

        HttpsURLConnection.setDefaultHostnameVerifier（的HostnameVerifier）;

        HttpPost httppost =新HttpPost（urlString）;

        httppost.setEntity（新UrlEn codedFormEntity（namevaluepairs中））;

        HTT presponse响应= http.execute（httppost）;

        返回response.toString（）;
}

  //错误
04-12 00：37：43.941：WARN / System.err的（284）：javax.net.ssl.SSLException：不被信任的服务器证书
04-12 00：37：43.961：WARN / System.err的（284）：在org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake（OpenSSLSocketImpl.java:371）
04-12 00：37：43.961：WARN / System.err的（284）：在org.apache.http.conn.ssl.AbstractVerifier.verify（AbstractVerifier.java:92）
04-12 00：37：43.970：WARN / System.err的（284）：在org.apache.http.conn.ssl.SSLSocketFactory.createSocket（SSLSocketFactory.java:381）
04-12 00：37：43.980：WARN / System.err的（284）：在org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:164)
04-12 00：37：43.980：WARN / System.err的（284）：在org.apache.http.impl.conn.AbstractPoolEntry.open（AbstractPoolEntry.java:164）
04-12 00：37：43.992：WARN / System.err的（284）：在org.apache.http.impl.conn.AbstractPooledConnAdapter.open（AbstractPooledConnAdapter.java:119）
04-12 00：37：44.000：WARN / System.err的（284）：在org.apache.http.impl.client.DefaultRequestDirector.execute（DefaultRequestDirector.java:348）
04-12 00：37：44.000：WARN / System.err的（284）：在org.apache.http.impl.client.AbstractHttpClient.execute（AbstractHttpClient.java:555）
04-12 00：37：44.000：WARN / System.err的（284）：在org.apache.http.impl.client.AbstractHttpClient.execute（AbstractHttpClient.java:487）
04-12 00：37：44.020：WARN / System.err的（284）：在org.apache.http.impl.client.AbstractHttpClient.execute（AbstractHttpClient.java:465）
04-12 00：37：44.020：WARN / System.err的（284）：在cpe495.smartapp.SmartDBHelper.post（SmartDBHelper.java:208）
04-12 00：37：44.030：WARN / System.err的（284）：在cpe495.smartapp.SmartDBHelper.authenticate（SmartDBHelper.java:105）
04-12 00：37：44.030：WARN / System.err的（284）：在cpe495.smartapp.DataSender.submitData（DataSender.java:28）
04-12 00：37：44.040：WARN / System.err的（284）：在cpe495.smartapp.DataSender.sendData（DataSender.java:21）
04-12 00：37：44.051：WARN / System.err的（284）：在cpe495.smartapp.SmartApp $ 1.dataReceivedReceived（SmartApp.java:60）
04-12 00：37：44.061：WARN / System.err的（284）：在cpe495.smartapp.ConnectDevice.fireDataReceivedEvent（ConnectDevice.java:287）
04-12 00：37：44.061：WARN / System.err的（284）：在cpe495.smartapp.ConnectDevice.run（ConnectDevice.java:254）
04-12 00：37：44.071：WARN / System.err的（284）：在java.lang.Thread.run（Thread.java:1096）
04-12 00：37：44.071：WARN / System.err的（284）：java.security.cert.CertificateException：产生的原因java.security.cert.CertPathValidatorException：未发现对TrustAnchor的证书路径。
04-12 00：37：44.090：WARN / System.err的（284）：在org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted（TrustManagerImpl.java:168）
04-12 00：37：44.100：WARN / System.err的（284）：在org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake（OpenSSLSocketImpl.java:366）
04-12 00：37：44.110：WARN / System.err的（284）：17 ...更多
04-12 00：37：44.110：WARN / System.err的（284）：java.security.cert.CertPathValidatorException：产生的原因为TrustAnchor的证书路径没有找到。
04-12 00：37：44.129：WARN / System.err的（284）：在org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi.engineValidate(PKIXCertPathValidatorSpi.java:149)
04-12 00：37：44.150：WARN / System.err的（284）：在java.security.cert.CertPathValidator.validate（CertPathValidator.java:202）
04-12 00：37：44.150：WARN / System.err的（284）：在org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted（TrustManagerImpl.java:164）
04-12 00：37：44.150：WARN / System.err的（284）：18 ...更多

解决方案

这个问题是由于一个事实，即客户端应用程序无法验证构建一个信任锚的证书路径（根受信任的证书颁发机构）和SSL服务器证书。因此，该证书不被信任的SSL握手失败。

在阿帕奇了HTTPClient API提供了一个很好的功能，它可以帮助你。该 SSLSocketFactory的构造的可以采取密钥库参数，包含了可信证书。

然后，您可以：

创建一个密钥库与密钥工具包含或者根CA证书或直接在服务器证书。在此密钥库添加到您的应用程序在建立与此有关的SSLSocketFactory 密钥库

有关的所有技术细节和code片段，你可以阅读从鲍勃·李这个博客帖子：的 http://blog.crazybob.org/2010/02/android-trusting-ssl-certificates.html

My application needs to be able to post to https and preserve the session that is created with cookies. So far, i have several different ways of trying the problem and none are working. Currently i am looking into using DefaultHttpClient because it is supposed to automatically preserve sessions created with cookies. This saves me the pain of reading the cookie and submitting with every other post. However, when i try to post using the code i have, the post fails with a certificate error that is listed below.

I had this certificate error earlier with another way i was trying to solve the problem and got it working with HttpsURLConnection, but that does not preserve sessions with cookies automatically.

Can someone please take a look at my code and tell me what i am doing wrong, what i can do better and what needs to change to get it to work.? THANKS!!

I have been trying to solve this problem for a few days now and i am getting know where. Every time i get a little further i get pushed further back. Can someone please assist me! =)

//my posting function
    private static String post(String urlString, List<NameValuePair> nameValuePairs)
    throws MalformedURLException, ProtocolException, IOException {
        DataOutputStream ostream = null;

        HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;

        DefaultHttpClient client = new DefaultHttpClient();

        SchemeRegistry registry = new SchemeRegistry();
        SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
        socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
        registry.register(new Scheme("https", socketFactory, 443));
        SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
        DefaultHttpClient http = new DefaultHttpClient(mgr, client.getParams());

        HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);

        HttpPost httppost = new HttpPost(urlString);

        httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs));

        HttpResponse response = http.execute(httppost);

        return response.toString();
}

//the error
04-12 00:37:43.941: WARN/System.err(284): javax.net.ssl.SSLException: Not trusted server certificate
04-12 00:37:43.961: WARN/System.err(284):     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:371)
04-12 00:37:43.961: WARN/System.err(284):     at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:92)
04-12 00:37:43.970: WARN/System.err(284):     at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:381)
04-12 00:37:43.980: WARN/System.err(284):     at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:164)
04-12 00:37:43.980: WARN/System.err(284):     at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
04-12 00:37:43.992: WARN/System.err(284):     at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
04-12 00:37:44.000: WARN/System.err(284):     at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:348)
04-12 00:37:44.000: WARN/System.err(284):     at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
04-12 00:37:44.000: WARN/System.err(284):     at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
04-12 00:37:44.020: WARN/System.err(284):     at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)
04-12 00:37:44.020: WARN/System.err(284):     at cpe495.smartapp.SmartDBHelper.post(SmartDBHelper.java:208)
04-12 00:37:44.030: WARN/System.err(284):     at cpe495.smartapp.SmartDBHelper.authenticate(SmartDBHelper.java:105)
04-12 00:37:44.030: WARN/System.err(284):     at cpe495.smartapp.DataSender.submitData(DataSender.java:28)
04-12 00:37:44.040: WARN/System.err(284):     at cpe495.smartapp.DataSender.sendData(DataSender.java:21)
04-12 00:37:44.051: WARN/System.err(284):     at cpe495.smartapp.SmartApp$1.dataReceivedReceived(SmartApp.java:60)
04-12 00:37:44.061: WARN/System.err(284):     at cpe495.smartapp.ConnectDevice.fireDataReceivedEvent(ConnectDevice.java:287)
04-12 00:37:44.061: WARN/System.err(284):     at cpe495.smartapp.ConnectDevice.run(ConnectDevice.java:254)
04-12 00:37:44.071: WARN/System.err(284):     at java.lang.Thread.run(Thread.java:1096)
04-12 00:37:44.071: WARN/System.err(284): Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: TrustAnchor for CertPath not found.
04-12 00:37:44.090: WARN/System.err(284):     at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:168)
04-12 00:37:44.100: WARN/System.err(284):     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:366)
04-12 00:37:44.110: WARN/System.err(284):     ... 17 more
04-12 00:37:44.110: WARN/System.err(284): Caused by: java.security.cert.CertPathValidatorException: TrustAnchor for CertPath not found.
04-12 00:37:44.129: WARN/System.err(284):     at org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi.engineValidate(PKIXCertPathValidatorSpi.java:149)
04-12 00:37:44.150: WARN/System.err(284):     at java.security.cert.CertPathValidator.validate(CertPathValidator.java:202)
04-12 00:37:44.150: WARN/System.err(284):     at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:164)
04-12 00:37:44.150: WARN/System.err(284):     ... 18 more

解决方案

This issue is due to the fact that the client application is not able to validate build a certificate path from a trust anchor (a root trusted certification authority) and the SSL server certificate. Therefore this certificate is not trusted and the SSL handshake fails.

The apache HTTPClient API provides a nice feature which could help you. The SSLSocketFactory constructor can take a KeyStore parameter, contains the trusted certificates.

Then you can:

create a KeyStore with keytool containing either the root CA certificate or the server certificate directly. add this keystore to your application builds the SSLSocketFactory with this KeyStore

For all technical details and code snippets you can read this blog post from Bob Lee: http://blog.crazybob.org/2010/02/android-trusting-ssl-certificates.html

上一篇：新的PhoneGap 3.0进口org.apache.cordova不能得到解决PhoneGap、org、cordova、apache

下一篇：错误建设项目在Android的工作室＆QUOT;错误：未发现的资源匹配给定名称（含价值为____“@绘制/＆LT;名称＆gt;”）错误、名称、建设项目、工作室

相关推荐

精彩图集

精彩推荐

图片推荐