1

我一直在寻找这个问题的解决方案一段时间,但我似乎无法弄清楚

我正在尝试通过 android 应用程序和服务器之间的 http 连接使用 ssl,我用我的自签名证书创建了一个密钥库

我有这个代码:

    URL url;
    SSLContext sslContext = null;
    KeyStore keyStore = KeyStore.getInstance("BKS");    
    InputStream input = SportsApplication.getContext().getResources().openRawResource(R.raw.mykeystore);
    keyStore.load(input, "mypass".toCharArray());
    KeyManagerFactory kmf = KeyManagerFactory.getInstance("X509");
    kmf.init(keyStore, "mypass".toCharArray());
    KeyManager[] keyManagers = kmf.getKeyManagers();
    sslContext = SSLContext.getInstance("TLS");
    sslContext.init(keyManagers, null, null);

    HttpsURLConnection connection = null;
    String urlParameters = mJObject.toString();
    try {
        Log.w("client", mUrl);
        Log.v("client", "request: "+urlParameters);
        // Create connection
        mUrl = mUrl.replaceFirst("http", "https");
        url = new URL(mUrl);
        connection = (HttpsURLConnection) url.openConnection();
        try{

            connection.setSSLSocketFactory(sslContext.getSocketFactory());
        }
        catch (Exception e1) {
            e1.printStackTrace();
            int tx =0;
        }
        try{
        connection.setRequestMethod("POST");
        connection.setRequestProperty("Content-type", "application/json");
        connection.setRequestProperty("Accept", "application/json");
        connection.setReadTimeout(dataTimeout);
        connection.setConnectTimeout(com.inmobly.buckeyes.client.Constants.DEFAULT_CONN_TIMEOUT);

        connection.setUseCaches(false);
        connection.setDoInput(true);
        connection.setDoOutput(true);
        }
        catch (Exception e1) {
            e1.printStackTrace();
            int tx =0;
        }
        // Send request
        DataOutputStream wr = null;
        try{
         wr = new DataOutputStream(connection.getOutputStream());
        }
        catch (Exception e1) {
            e1.printStackTrace();
            int tx =0;
        }

但我不断收到此异常:

javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x1b1b0e0: Failure in SSL library, usually a protocol errorerror:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol (external/openssl/ssl/s23_clnt.c:683 0x4029bcf5:0x00000000)

我究竟做错了什么 ?

4

2 回答 2

1

由于 SSL 握手本身没有通过,因此您可以在您的系统上安装wireshark(这也可以在模拟器上重现),而不是使用异常中的信息对其进行调试,并查看操作系统级别的数据包捕获。如果错误是由于服务器和客户端的 ssl 实现之间的协议版本不匹配,则数据包应该具有必要的信息。您可以先尝试一个简单的 ssl 握手,以确保与服务器正确握手。让我们知道您获得的信息,我们将进一步调试!

于 2013-11-12T17:51:57.780 回答
0

请参阅我在How to disable SSLv3 in HttpsUrlConnection in Android 中的回答

于 2015-04-29T14:15:12.890 回答