2

I'm trying to authenticate through Last.fm's API.

On Android 4.3 it works just by doing

HttpPost post = new HttpPost("https://ws.audioscrobbler.com/2.0/");
post.setEntity(new UrlEncodedFormEntity(params));

HttpClient client = new DefaultHttpClient();
HttpResponse response = client.execute(post);

but on 2.3.3 I get

javax.net.ssl.SSLPeerUnverifiedException: No peer certificate

Then I tried the solution given here:

HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;

DefaultHttpClient client = new DefaultHttpClient();

SchemeRegistry registry = new SchemeRegistry();
SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
registry.register(new Scheme("https", socketFactory, 443));
SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
DefaultHttpClient httpClient = new DefaultHttpClient(mgr, client.getParams());

// Set verifier     
HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);        

HttpPost post = new HttpPost("https://ws.audioscrobbler.com/2.0/");
post.setEntity(new UrlEncodedFormEntity(params));

HttpResponse response = httpClient.execute(post);

but I still get the same error.

Then I tried that:

HttpParams httpParams = new BasicHttpParams();
HttpProtocolParams.setVersion(httpParams, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(httpParams, HTTP.DEFAULT_CONTENT_CHARSET);
HttpProtocolParams.setUseExpectContinue(httpParams, true);

SchemeRegistry schReg = new SchemeRegistry();
schReg.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
schReg.register(new Scheme("https", SSLSocketFactory.getSocketFactory(), 443));
ClientConnectionManager conMgr = new ThreadSafeClientConnManager(httpParams, schReg);

DefaultHttpClient httpClient = new DefaultHttpClient(conMgr, httpParams);

HttpPost post = new HttpPost("https://ws.audioscrobbler.com/2.0/");
post.setEntity(new UrlEncodedFormEntity(params));

HttpResponse response = httpClient.execute(post);

and failed again.

Anybody can help?

4

1 回答 1

1

从服务器返回证书的方式似乎存在一些问题,或者可能是 android 系统密钥库没有相关的根证书来验证和完成握手。

查看问题中提到的站点的证书链信息,在我看来,该链没有正确排序。

你可以在这里试试答案

于 2013-09-05T18:53:38.770 回答