1

为了解决这个问题,我去过很多地方,但没有去做。

尝试 SSL 连接“不受信任的服务器证书”时,Android 会返回错误。 https://google.cl/工作,但https ://autoservicio.movi​​star.cl/ 不工作:-/ 我的项目:

package com.drawcoders.saldomovistarchile;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.List;

import javax.net.ssl.HostnameVerifier;

import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.SingleClientConnManager;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;

import android.app.Activity;
import android.os.Bundle;
import android.widget.TextView;

public class SaldoMovistarChileActivity extends Activity {
    TextView statusText;

    /** Called when the activity is first created. */
    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.main);
        statusText = (TextView) findViewById(R.id.statusText);
        login();
    }

    void login(){       
        try {
            HostnameVerifier hostnameVerifier = SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
            DefaultHttpClient client = new DefaultHttpClient();

            SchemeRegistry registry = new SchemeRegistry();
            SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
            socketFactory.setHostnameVerifier((X509HostnameVerifier)hostnameVerifier);
            registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
            registry.register(new Scheme("https", socketFactory, 443));
            SingleClientConnManager mngr = new SingleClientConnManager(client.getParams(), registry);
            DefaultHttpClient httpClient = new DefaultHttpClient(mngr, client.getParams());

            HttpPost post = new HttpPost("https://autoservicio.movistar.cl/login/loginTop");
            List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>(4);
            nameValuePairs.add(new BasicNameValuePair("rut", "1000000"));
            nameValuePairs.add(new BasicNameValuePair("dv", "0"));
            nameValuePairs.add(new BasicNameValuePair("idRut", "10000000-0"));
            nameValuePairs.add(new BasicNameValuePair("clave", "00000000"));
            post.setEntity(new UrlEncodedFormEntity(nameValuePairs));

            HttpResponse response = httpClient.execute(post);

            // HttpResponse response = client.execute(post);
            HttpEntity entity = response.getEntity();
            String responseText = EntityUtils.toString(entity);
            statusText.setText("Finalizado!");

        } catch (UnsupportedEncodingException e) {
            statusText.setText("Error: " + e.getMessage().toString());
        } catch (ClientProtocolException e) {
            statusText.setText("Error: " + e.getMessage().toString());
        } catch (IOException e) {
            statusText.setText("Error: " + e.getMessage().toString());
        }
    }
}

谢谢 :)

4

2 回答 2

1

看来(从我的 Android 设备判断:Galaxy Nexus,Android 4.1.1)用于域autoservicio.movi​​star.cl的 CA 根证书未在此版本的 Android 上提供,可能是 4.1.1 之前的版本.

对于您信任的站点,请尝试此处提供的解决方案:Trusting all certificate using HttpClient over HTTPS

于 2012-09-03T20:33:33.317 回答
1

该网站https://autoservicio.movi ​​star.cl 不返回中间证书,因此客户端无法构建到受信任根的链。Firefox 也会出错。

此 SSL 检查器显示仅返回服务器证书:

http://certlogik.com/ssl-checker/autoservicio.movi​​star.cl

缺少的中间证书是这个:

CN = VeriSign Class 3 International Server CA - G3,OU = https://www.verisign.com/rpa (c)10 上的使用条款,OU = VeriSign Trust Network,O = "VeriSign, Inc.",C =我们

----- BEGIN CERTIFICATE ----- MIIGKTCCBRGgAwIBAgIQZBvoIM4CCBPzLU0tldZ + ZzANBgkqhkiG9w0BAQUFADCB yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0 aG9yaXR5IC0gRzUwHhcNMTAwMjA4MDAwMDAwWhcNMjAwMjA3MjM1OTU5WjCBvDEL MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMtVmVy aVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdacYvAV9IGaQQhZjxOdF8mfUdza sVLv / + + NB3eDfxCjG4615HycQmLi7IJfBKERBD qpqFLPTU4bi7u1xHbZzFYG7rNVICreFY1xy1TIbxfNiQDk3P / hwB9ocenHKS5 + vDv85burJlSLZpDN9pK5MSSAvJ5s 1fx + 0uFLjNxC + kRLX / gYtS4w9D0SmNNiBXNUppyiHb5SgzoHRsQ7AlYhv / JRT9Cm mTnprqU / iZucff5NYAclIPe712mDK4KTQzfZg0EbawurSmaET0qO3n40mY5o1so5 BptMs5pITRNGtFghBMT7oE2sLktiEuP7TfbJUQABH / weaoEqOOC5T9YtRQIDAQAB o4ICFTCCAhEwEgYDVR0TAQH / BAgwBgEB / wIBADBwBgNVHSAEaTBnMGUGC2CGSAGG + EUBBxcDMFYwKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9j cHMwKgYIKwYBBQUHAgIwHhocaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTAO BgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2Uv Z2lmMCEwHzAHBgUrDgMCGgQUj + XTGoasjY5rw8 + AatRIGCx7GS4wJRYjaHR0cDov L2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwNAYDVR0lBC0wKwYIKwYBBQUH AwEGCCsGAQUFBwMCBglghkgBhvhCBAEGCmCGSAGG + EUBCAEwNAYIKwYBBQUHAQEE KDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC52ZXJpc2lnbi5jb20wNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL2NybC52ZXJpc2lnbi5jb20vcGNhMy1nNS5jcmww KAYDVR0RBCEwH6QdMBsxGTAXBgNVBAMTEFZlcmlTaWduTVBLSS0yLTcwHQYDVR0O BBYEFNebfNgioBX33a1fzimbWMO8RgC1MB8GA1UdIwQYMBaAFH / TZafC3ey78DAJ 80M5 + gKvMzEzMA0GCSqGSIb3DQEBBQUAA4IBAQBxtX1zUkrd1000Ky6vlEalSVAC T / gvF3DyE9wfIYaqwk98NzzURniuXXhv0bpavBCrWDbFjGIVRWAXIeLVQqh3oVXY QwRR9m66SOZdTLdE0z6k1dYzmp8N5tdOlkSVWmzWoxZTDphDzqS4w2Z6BVxiEOgb Ett9LnZQ / 9 / XaxvMisxx + rNAVnwzeneUW / ULU / sOX7xo + 68q7jA3eRaTJX9NEP9X + 79uOzMh3nnchhdZLUNkt6Zmh + q8lkYZGoaLb9e3SQBb26O / KZru99MzrqP0nkzK XmnUG623kHdq2FlveasB + lXwiiFm5WVu / XzT3x7rfj8GkPsZC9MGAht4Q5mo ----- END CERTIFICATE -----T / gvF3DyE9wfIYaqwk98NzzURniuXXhv0bpavBCrWDbFjGIVRWAXIeLVQqh3oVXY QwRR9m66SOZdTLdE0z6k1dYzmp8N5tdOlkSVWmzWoxZTDphDzqS4w2Z6BVxiEOgb Ett9LnZQ / 9 / XaxvMisxx + rNAVnwzeneUW / ULU / sOX7xo + 68q7jA3eRaTJX9NEP9X + 79uOzMh3nnchhdZLUNkt6Zmh + q8lkYZGoaLb9e3SQBb26O / KZru99MzrqP0nkzK XmnUG623kHdq2FlveasB + lXwiiFm5WVu / XzT3x7rfj8GkPsZC9MGAht4Q5mo ----- END CERTIFICATE -----T / gvF3DyE9wfIYaqwk98NzzURniuXXhv0bpavBCrWDbFjGIVRWAXIeLVQqh3oVXY QwRR9m66SOZdTLdE0z6k1dYzmp8N5tdOlkSVWmzWoxZTDphDzqS4w2Z6BVxiEOgb Ett9LnZQ / 9 / XaxvMisxx + rNAVnwzeneUW / ULU / sOX7xo + 68q7jA3eRaTJX9NEP9X + 79uOzMh3nnchhdZLUNkt6Zmh + q8lkYZGoaLb9e3SQBb26O / KZru99MzrqP0nkzK XmnUG623kHdq2FlveasB + lXwiiFm5WVu / XzT3x7rfj8GkPsZC9MGAht4Q5mo ----- END CERTIFICATE -----

于 2012-09-04T07:55:59.090 回答