我正在从证书生成密钥库,如下所示:
export CLASSPATH=/Developer/BouncyCastle/bcprov-jdk16-146.jar
CERTSTORE=~/bitbucket/Android/CoooriJED/res/raw/mykeystore.bks
if [ -a $CERTSTORE ]; then
rm $CERTSTORE || exit 1
fi
keytool \
-importcert \
-v \
-trustcacerts \
-alias 0 \
-file <(openssl x509 -in mycert.pem) \
-keystore $CERTSTORE \
-storetype BKS \
-provider org.bouncycastle.jce.provider.BouncyCastleProvider \
-providerpath /Developer/BouncyCastle/bcprov-jdk16-146.jar \
-storepass password
这会生成一个没有明显问题的密钥库。在 Eclipse 中,我清理了我的 Android 项目并在原始文件夹中看到“mykeystore.bks”。我按如下方式加载密钥库:
private KeyStore keyStore()
{
try {
KeyStore trusted = KeyStore.getInstance("BKS");
InputStream in = context.getResources().openRawResource(R.raw.mykeystore);
try {
trusted.load(in, "password".toCharArray()); // *Throws an exception*
} finally {
in.close();
}
return trusted;
} catch (Exception e) {
throw new AssertionError(e);
}
}
我按如下方式调用此方法(我已删除异常处理以使其更易于在此处阅读):
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
KeyManagerFactory kmf = KeyManagerFactory.getInstance("X509");
kmf.init(keyStore(), "password".toCharArray());
但是,该行trusted.load(in, "password".toCharArray())
导致抛出“错误版本的密钥存储”IOException。这是为什么?
提前谢谢你。