嗨我在ANdroid N中遇到异常
javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:361)
at com.android.okhttp.Connection.connectTls(Connection.java:235)
at com.android.okhttp.Connection.connectSocket(Connection.java:199)
at com.android.okhttp.Connection.connect(Connection.java:172)
at com.android.okhttp.Connection.connectAndSetOwner(Connection.java:367)
at com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:130)
at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:329)
at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:246)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:457)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:126)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.getOutputStream(HttpURLConnectionImpl.java:257)
at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.getOutputStream(DelegatingHttpsURLConnection.java:218)
at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java)
我使用的是自签名的ca证书和admin.p12文件。它位于res / raw文件夹下。 并添加了network_security_config文件:
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config>
<trust-anchors>
<certificates src="@raw/ca"/>
<certificates src="user"/>
</trust-anchors>
</domain-config>
</network-security-config>
下面是我的连接方法代码..
InputStream inputStream = null;
DataOutputStream dStream = null;
int responseCode;
try {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Certificate ca;
InputStream caInput = mApplicationContext.getResources()
.openRawResource(R.raw.ca);
try {
ca = cf.generateCertificate(caInput);
Log.d(TAG, "ca=" + ((X509Certificate) ca).getSubjectDN());
} finally {
try {
caInput.close();
} catch (IOException ioe) {
Log.e(TAG, "Exception happened while closing the stream", ioe);
}
}
// Create a KeyStore containing our trusted CAs
String trustStoreType = KeyStore.getDefaultType();
KeyStore trustStore = KeyStore
.getInstance(trustStoreType);
trustStore.load(null, null);
trustStore.setCertificateEntry("ca", ca);
// Create a TrustManager that trusts the CAs in our
// KeyStore
String tmfAlgorithm = TrustManagerFactory
.getDefaultAlgorithm();
final TrustManagerFactory tmf = TrustManagerFactory
.getInstance(tmfAlgorithm);
tmf.init(trustStore);
InputStream keyInput = mApplicationContext.getResources()
.openRawResource(R.raw.admin);
KeyStore keystore = KeyStore.getInstance("PKCS12");
keystore.load(keyInput, CA_PASSWORD.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory
.getInstance(KeyManagerFactory
.getDefaultAlgorithm());
kmf.init(keystore, CA_PASSWORD.toCharArray());
// Create an SSLContext that uses our TrustManager
SSLContext sslCtx = SSLContext.getInstance("TLS");
sslCtx.init(kmf.getKeyManagers(),
tmf.getTrustManagers(), null);
URL url = new URL(urlStr);
HttpsURLConnection conn = (HttpsURLConnection) url
.openConnection();
conn.setDoOutput(true);
conn.setHostnameVerifier(new HostnameVerifier() {
@SuppressLint("BadHostnameVerifier")
@Override
public boolean verify(String hostname,
SSLSession session) {
/*
* As the certificate is self signed
*/
return true;
}
});
// Tell the URLConnection to use a SocketFactory from our SSLContext
conn.setSSLSocketFactory(sslCtx
.getSocketFactory());
conn.setRequestProperty("Content-Type", appContentType);
conn.setRequestMethod("POST");
conn.setConnectTimeout(30000);
conn.setReadTimeout(30000);
String paramStr = getPostFormParamString(params);
Log.d(TAG, "connection post param String: " + paramStr );
dStream = new DataOutputStream(
conn.getOutputStream());
dStream.writeBytes(paramStr);
responseCode = conn.getResponseCode();
我提到了stackoverflow中的一些链接,但我得到了相同的异常。请帮忙......
谢谢*