大佬教程收集整理的这篇文章主要介绍了Android 2.3.x javax.net.ssl.SSLHandshakeException:java.security.cert.CertPathValidatorException:找不到证书路径的信任锚,大佬教程大佬觉得挺不错的,现在分享给大家,也给大家做个参考。
}
当我运行命令时:
@H_607_4@openssl s_client -debug -connect www.mysitedomain.com:443我收到了回复:
@H_607_4@-- some key stuff -- Certificate chain 0 s:/OU=Domain Control Validated/CN=www.mydomainname.com i:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Domain Validation CA - G2 1 s:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Domain Validation CA - G2 i:/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA 2 s:/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA i:/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA --- Server certificate -----BEGIN CERTIFICATE----- some more certificate stuff -----END CERTIFICATE----- ubject=/OU=Domain Control Validated/CN=www.mydomainname.com issuer=/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Domain Validation CA - G2 --- No client certificate CA names sent --- SSL handshake has read 4091 bytes and written 328 bytes --- New,TLSv1/SSLv3,Cipher is DHE-RSA-AES256-SHA Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: 57C379C59483809A7FE1BF8E235C5BFA7789E62AAEBCA9BC14B5273F5D1304E7 Session-ID-ctx: Master-Key: 6FCD498D1294415A42B57420F0C05AB903EF8E56CB6F1530390F73AF5E4CBC22B359D5CDA09811E075A5C598002C380D Key-Arg : None Start Time: 1390473282 Timeout : 300 (seC) Verify return code: 0 (ok) ---所以它返回没问题…但它仍然给我测试的2.3.x设备的这个错误.
在此之后我得到一个例外:
@H_607_4@LogUtils.log("SSL: urlConnection did set request properties.");这是例外:
@H_607_4@01-23 10:20:28.459: W/System.err(1623): javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. 01-23 10:20:28.459: W/System.err(1623): at org.apache.harmony.xnet.provider.jsse.openSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:477) 01-23 10:20:28.459: W/System.err(1623): at org.apache.harmony.xnet.provider.jsse.openSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:328) 01-23 10:20:28.459: W/System.err(1623): at org.apache.harmony.luni.internal.net.www.protocol.http.httpconnection.setupSecureSocket(httpconnection.java:185) 01-23 10:20:28.459: W/System.err(1623): at org.apache.harmony.luni.internal.net.www.protocol.https.httpsURLConnectionImpl$httpsENGIne.makeSslConnection(httpsURLConnectionImpl.java:433) 01-23 10:20:28.459: W/System.err(1623): at org.apache.harmony.luni.internal.net.www.protocol.https.httpsURLConnectionImpl$httpsENGIne.makeConnection(httpsURLConnectionImpl.java:378) 01-23 10:20:28.459: W/System.err(1623): at org.apache.harmony.luni.internal.net.www.protocol.http.httpURLConnectionImpl.connect(httpURLConnectionImpl.java:205) 01-23 10:20:28.459: W/System.err(1623): at org.apache.harmony.luni.internal.net.www.protocol.https.httpsURLConnectionImpl.connect(httpsURLConnectionImpl.java:152)我称之为的方式是:
@H_607_4@String response = httprequestController .geTinstance() .dorequest(ApiUrls.LOGIN,params,Method.POST,null);它适用于运行2.3.x以上Android版本的任何其他设备(根据我的测试).
Android文档似乎没有关于2.3兼容性的@L_618_17@.
我建议你在Android文档上做:
@H_607_4@// Load CAs from an InputStream // (Could be from a resource or ByteArrayInputStream or ...) CertificateFactory cf = CertificateFactory.geTinstance("X.509"); // From https://www.washington.edu/itconnect/security/ca/load-der.crt InputStream caInput = new BufferedInputStream(new FileInputStream("load-der.crt")); Certificate ca; try { ca = cf.generateCertificate(caInput); System.out.println("ca=" + ((X509CertificatE) ca).getSubjectDN()); } finally { caInput.close(); } // Create a KeyStore containing our trusted CAs String keyStoreType = KeyStore.getDefaultType(); KeyStore keyStore = KeyStore.geTinstance(keyStoreTypE); keyStore.load(null,null); keyStore.setCertificateEntry("ca",ca); // Create a TrustManager that trusts the CAs in our KeyStore String tmfalgorithm = TrustManagerFactory.getDefaultAlgorithm(); TrustManagerFactory tmf = TrustManagerFactory.geTinstance(tmfalgorithm); tmf.init(keyStorE); // Create an SSLContext that uses our TrustManager SSLContext context = SSLContext.geTinstance("TLS"); context.init(null,null); // Tell the URLConnection to use a SocketFactory from our SSLContext URL url = new URL("https://certs.cac.washington.edu/CAtest/"); httpsURLConnection urlConnection = (httpsURLConnection)url.openConnection(); urlConnection.setSSLSocketFactory(context.getSocketFactory()); InputStream in = urlConnection.geTinputStream(); copyInputStreamToOutputStream(in,System.out);我也在做同样的事情,它在每台设备上运行正常,使用Android 2.3及以下版本,我的网站证书是私有的.
试试吧,告诉我它现在是否正常工作.
希望它能帮到你!
以上是大佬教程为你收集整理的Android 2.3.x javax.net.ssl.SSLHandshakeException:java.security.cert.CertPathValidatorException:找不到证书路径的信任锚全部内容,希望文章能够帮你解决Android 2.3.x javax.net.ssl.SSLHandshakeException:java.security.cert.CertPathValidatorException:找不到证书路径的信任锚所遇到的程序开发问题。
如果觉得大佬教程网站内容还不错,欢迎将大佬教程推荐给程序员好友。
本图文内容来源于网友网络收集整理提供,作为学习参考使用,版权属于原作者。
如您有任何意见或建议可联系处理。小编QQ:384754419,请注明来意。