0

我有一个使用 stomp+ssl 连接到 tomcat6 上的 activemq 服务器的 android 客户端。不幸的是,重用会话时连接挂起:

ActiveMQ Transport: ssl:///10.0.0.182:56501, WRITE: TLSv1 Handshake, length = 32
[Raw write]: length = 37
0000: 16 03 01 00 20 D7 1D 61   C2 70 38 B6 30 10 33 39  .... ..a.p8.0.39
0010: 7C 4E 1E DC 7E 10 C3 8F   80 E4 51 92 DD CD 10 C9  .N........Q.....
0020: BF 8C B3 B8 8D                                     .....
%% Cached server session: [Session-6, SSL_RSA_WITH_RC4_128_MD5]

我很快就需要一个解决方案,所以我正在考虑禁用 ssl 会话缓存,但我无法做到。

更新:在 android 4.0 中它可以完美运行!那么如何将 android 4 jsse 提供程序放在 Android 2.3 上呢?

在客户端我有这段代码:

InputStream clientTruststoreIs = getResources().openRawResource(R.raw.truststore);
KeyStore trustStore = null;
trustStore = KeyStore.getInstance("BKS");
trustStore.load(clientTruststoreIs, "xxxxx".toCharArray());

System.out.println("Loaded server certificates: " + trustStore.size());

TrustManagerFactory tmf = null;
tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(trustStore);

InputStream keyStoreStream = getResources().openRawResource(R.raw.client);
KeyStore keyStore = null;
keyStore = KeyStore.getInstance("BKS");
keyStore.load(keyStoreStream, "xxxxxx".toCharArray());


KeyManagerFactory kmf = null;
kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(keyStore, "xxxxxxxxx".toCharArray());

SSLContext ctx = SSLContext.getInstance("SSL");
ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
stomp = new Stomp("tcp://" + sp.getString("host", "default.host.it")+   ":"+ sp.getString("port", "61614"));
stomp.setSslContext(ctx);

在服务器上,我只有这样的 context.xml:

<broker:broker useJmx="true" persistent="false"
    brokerName="prato">

  <broker:sslContext>
    <broker:sslContext   keyStore="classpath:keystore.jks" trustStore="classpath:truststore.jks"    keyStorePassword="xxxxxx" trustStorePassword="xxxxx"/>
  </broker:sslContext>
  <broker:transportConnectors>
<broker:transportConnector name="vm"    uri="vm://prato" />
<broker:transportConnector name="tcp" uri="tcp://0.0.0.0:${openwire}" />
    <broker:transportConnector name="stomp" uri="stomp://0.0.0.0:${stomp}?Trace=true" />
<broker:transportConnector name="stompssl" uri="stomp+ssl://0.0.0.0:${stompssl}?needClientAuth=true" />
  </broker:transportConnectors>
</broker:broker>

我能做些什么?提前感谢您的回复!

马里奥

4

0 回答 0