使用HTTPClient在未知验证证书中在android中发送HTTPS发布请求

时间:2017-11-05 11:40:16

标签: java android node.js android-studio ssl

我编写了这段代码,用于将POST请求发送到运行nodejs的localhost服务器,该服务器使用openssl命令生成证书。但是当我尝试发送post请求时,我可以在android日志中看到trust anchor的问题,https上的POST请求无法正常工作,但如果我从{{1服务器并使用nodejs发送请求。我知道这是因为我的证书未经任何知名的CA验证,如verisign。那么,我该如何将请求发送到此http服务器?我也尝试在我的Android手机中安装证书,但它也没有解决我的问题。我也可以发布https的源代码。

HttpClient.java

更新 

public class MainActivity extends AppCompatActivity {
    Button encAndSendBtn;
    TextView companyName, modelNumber, specification;

    public MainActivity() throws MalformedURLException {
    }

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        encAndSendBtn = (Button) findViewById(R.id.encAndSend);
        companyName = (TextView) findViewById(R.id.company);
        modelNumber = (TextView) findViewById(R.id.modNum);
        specification = (TextView) findViewById(R.id.spec);
    }
    public void onclickbutton(View view) {

        encSend scv = new encSend();
        scv.execute();
    }

    private class encSend extends AsyncTask {

        String companyNameS = companyName.getText().toString();
        String modelNumberS = modelNumber.getText().toString();
        String specificationS = specification.getText().toString();

        @Override
        protected Object doInBackground(Object[] objects) {
           JSONObject jsonObjSend = new JSONObject();
           JSONObject encrptObjSend = new JSONObject();

           try {
                jsonObjSend.put("Company", companyNameS);
                jsonObjSend.put("Model Number", modelNumberS);
                jsonObjSend.put("Specification", specificationS);

                String finalData = jsonObjSend.toString();
                Log.i("data", finalData); 
                String key = "HelloWorld321@!";
                String encrypt;
                try {
                    CryptLib cryptLib = new CryptLib();
                    String iv = "1234123412341234";
                    encrypt = cryptLib.encryptSimple(finalData, key, iv);

                    encrptObjSend.put("encrptedtext", encrypt);
            } catch (Exception e) {
                    e.printStackTrace();
                }

                Log.i("Encrypted data", encrptObjSend.toString());

                JSONObject header = new JSONObject();
                header.put("deviceType", "Android"); // Device type
                header.put("deviceVersion", "2.0"); // Device OS version
                header.put("language", "es-es");    // Language of the Android client
                encrptObjSend.put("header", header);

            } catch (JSONException e) {
                e.printStackTrace();
            }
            JSONObject jsonObjRecv = HttpClient.SendHttpPost("https://192.168.43.59:443/api/aes", encrptObjSend);
            return "success";
        }
    }
}

}

1 个答案:

答案 0 :(得分:0)

您应该使用always-ok委托来避免服务器证书验证。当然,您必须使用https连接。请查看此链接,例如:http://www.nakov.com/blog/2009/07/16/disable-certificate-validation-in-java-ssl-connections/

相关问题
最新问题