1

我的 ksoap2 webservice 和 webService-client 与 HttpTransportSE 配合得很好。现在我想将 SSL 与受信任的证书一起使用。为了在 Tomcat SSL 上使用 web 服务,我在 Axis2.xml 中添加了 Https Transport Reciver,我认为 web 服务可以工作。这是我的 SSL 网络服务:

<https://myURL.de:8443/WebProject_KomplexeObjekte_SSL/services/HelloWorldWS?wsdl>?

下一步是在我的客户端中将 httptransportSE(URL) 更改为 httpstransportSE(HOST, PORT, FILE, TIMEOUT)。这是我的客户:

import org.ksoap2.SoapEnvelope;
import org.ksoap2.serialization.SoapObject;
import org.ksoap2.serialization.SoapSerializationEnvelope;
import org.ksoap2.transport.HttpTransportSE;
import org.ksoap2.transport.HttpsServiceConnectionSE;
import org.ksoap2.transport.HttpsTransportSE;

import android.app.Activity;
import android.os.Bundle;
import android.widget.TextView;

public class WSClientKomplexeObjekteActivity extends Activity {

private static final String SOAP_ACTION = "http://ws.chathura.com/getCategoryObject";
private static final String METHOD_NAME = "getCategoryObject";
private static final String NAMESPACE = "http://ws.chathura.com";
private static final String NAMESPACE2 = "http://ws.chathura.com/xsd";
private static final String HOST = "myURL.de";
private static final int PORT = 8443;
private static final String FILE = "/WebProject_KomplexeObjekte_SSL/services/HelloWorldWS?wsdl";
private static final int TIMEOUT = 1000;


/** Called when the activity is first created. */
@Override
public void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    setContentView(R.layout.main);

    TextView tv = (TextView)findViewById(R.id.textview1);


    SoapObject Request = new SoapObject(NAMESPACE, METHOD_NAME);
    Category C = new Category();
    C.setCategoryId(1);
    C.setDescription("Client Beschreibung");
    C.setName("Client Name"); 

    Request.addProperty("obj", C);

    SoapSerializationEnvelope envelope = new SoapSerializationEnvelope(SoapEnvelope.VER11);
    envelope.setOutputSoapObject(Request);
    envelope.addMapping(NAMESPACE2, C.getClass().getSimpleName(), C.getClass());

    HttpsTransportSE androidHttpsTransport = new HttpsTransportSE(HOST, PORT, FILE, TIMEOUT);

    Category ans = null;
    try {
        androidHttpsTransport.call(SOAP_ACTION, envelope);
        ans = (Category)envelope.getResponse();
        tv.setText("CategoryId: " + ans.getCategoryId() + "\nName: " + ans.getName() + "\nDescription: " + ans.getDescription()); 
    }
    catch(Exception e) {
        e.printStackTrace();
    }
}


}

现在我在 Logcat 中得到了这个异常:

W/System.err(619): javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

由于这个例外,我试图包含一个密钥库,其中包含我的 tomcat 上用于 ssl 的证书。您可以在评论中看到此代码。那是没有成功的。我得到以下异常:

E/AndroidRuntime(654): java.lang.RuntimeException: Unable to start activity ComponentInfo{de.bachelor.marcel/de.bachelor.marcel.WSClientKomplexeObjekteActivity}: java.lang.NullPointerException
4

2 回答 2

1

好的...我自己解决了这个问题。客户端代码不是问题。它工作得很好。唯一的问题是在服务器端。Android 不信任我的服务器,因为我忘记包含根证书。因此,如果您有同样的问题,您可以使用http://www.sslshopper.com/ssl-checker.html#检查您的 ssl 服务器

于 2012-06-26T16:03:15.420 回答
0

您可以使用此类绕过证书:

public class FakeX509TrustManager implements X509TrustManager {

    private static TrustManager[] trustManagers;
    private static final X509Certificate[] _AcceptedIssuers = new
            X509Certificate[] {};

    @Override
    public void checkClientTrusted(X509Certificate[] chain, String
            authType) throws CertificateException {
    }

    @Override
    public void checkServerTrusted(X509Certificate[] chain, String
            authType) throws CertificateException {
    }

    public boolean isClientTrusted(X509Certificate[] chain) {
        return true;
    }

    public boolean isServerTrusted(X509Certificate[] chain) {
        return true;
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return _AcceptedIssuers;
    }

    public static void allowAllSSL() {
        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier()
        {
            @Override
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }

        });

        SSLContext context = null;
        if (trustManagers == null) {
            trustManagers = new TrustManager[] { new FakeX509TrustManager() };
        }

        try {
            context = SSLContext.getInstance("TLS");
            context.init(null, trustManagers, new SecureRandom());
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (KeyManagementException e) {
            e.printStackTrace();
        }

        HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
    }

}
于 2017-04-26T10:15:44.383 回答