0
나는 지정된 URL의 온라인 양식에 게시해야하는 코드를 작성했습니다. 사이트의 SSL은 자체 서명 SSL 인증서입니다. 나는 모든 것을 시도했지만 예외가 발견되지 않는 파일을 계속 가져 왔습니다. 인증서의 URL을 지정할 때 .crt 파일의 정확한 위치를 지정해야합니까?Android : 자체 서명 SSL 인증서가있는 네트워크를 통해 게시
아래의 코드를보고하십시오 오른쪽 방향으로 나를 인도 해주십시오 : 여기
public static byte[] doPost(String urlString, HashMap<String, String> postData, String certificateName) throws Exception
{
byte[] result = null;
// Load CAs from an InputStream
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
InputStream CAInput = new BufferedInputStream(new FileInputStream(certificateName));
Certificate certificate;
certificate = certificateFactory.generateCertificate(CAInput);
Dev.debug("Certificate: " + ((X509Certificate)certificate).getSubjectDN());
CAInput.close();
// Create Keystore containing our trusted certificates
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
keyStore.setCertificateEntry("tss_certificate", certificate);
// Create a TrustManager that trusts the CA in our KeyStore
String algorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);
tmf.init(keyStore);
// Create an SSLContext that uses our TrustManager
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
// Create URL and connection
// The url string is "keystore.crt"
URL url = new URL(urlString);
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
// Set connection properties
connection.setSSLSocketFactory(context.getSocketFactory());
connection.setRequestMethod("POST");
connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
connection.setDoOutput(true);
connection.setDoInput(true);
// Create an output stream and write encoded data to the stream
byte[] output = HttpPost.postEncode(postData).getBytes();
OutputStream out = new BufferedOutputStream(connection.getOutputStream());
out.write(output);
out.flush();
// Write to input stream
if (connection.getResponseCode() == HttpURLConnection.HTTP_OK)
{
InputStream in = connection.getInputStream();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
byte[] buffer = new byte[1024];
int read;
while ((read = in.read()) > -1) baos.write(buffer, 0, read);
result = baos.toByteArray();
}
connection.disconnect();
return result;
}
하면 스택 트레이스입니다 : 당신은 SSL 예외를 받고
06-07 20:16:09.445 2382-4296/techss.fitmentmanager W/System.err: java.io.FileNotFoundException: keystore: open failed: ENOENT (No such file or directory)
06-07 20:16:09.445 2382-4296/techss.fitmentmanager W/System.err: at libcore.io.IoBridge.open(IoBridge.java:452)
06-07 20:16:09.445 2382-4296/techss.fitmentmanager W/System.err: at java.io.FileInputStream.<init>(FileInputStream.java:76)
06-07 20:16:09.446 2382-4296/techss.fitmentmanager W/System.err: at java.io.FileInputStream.<init>(FileInputStream.java:103)
06-07 20:16:09.446 2382-4296/techss.fitmentmanager W/System.err: at techss.app_lib.HttpPostCert.doPost(HttpPostCert.java:34)
06-07 20:16:09.446 2382-4296/techss.fitmentmanager W/System.err: at techss.fitmentmanager.jobcard.jobcard_steps.JobCardStepSelectStateStaticAsset$2$override.run(JobCardStepSelectStateStaticAsset.java:104)
06-07 20:16:09.446 2382-4296/techss.fitmentmanager W/System.err: at techss.fitmentmanager.jobcard.jobcard_steps.JobCardStepSelectStateStaticAsset$2$override.access$dispatch(JobCardStepSelectStateStaticAsset.java)
06-07 20:16:09.446 2382-4296/techss.fitmentmanager W/System.err: at techss.fitmentmanager.jobcard.jobcard_steps.JobCardStepSelectStateStaticAsset$2.run(JobCardStepSelectStateStaticAsset.java:0)
06-07 20:16:09.449 2382-4296/techss.fitmentmanager W/System.err: Caused by: android.system.ErrnoException: open failed: ENOENT (No such file or directory)
06-07 20:16:09.449 2382-4296/techss.fitmentmanager W/System.err: at libcore.io.Posix.open(Native Method)
06-07 20:16:09.449 2382-4296/techss.fitmentmanager W/System.err: at libcore.io.BlockGuardOs.open(BlockGuardOs.java:186)
06-07 20:16:09.449 2382-4296/techss.fitmentmanager W/System.err: at libcore.io.IoBridge.open(IoBridge.java:438)
06-07 20:16:09.449 2382-4296/techss.fitmentmanager W/System.err: ... 6 more
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:328)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.http.SocketConnector.connectTls(SocketConnector.java:103)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.Connection.connect(Connection.java:143)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.Connection.connectAndSetOwner(Connection.java:185)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:128)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.http.HttpEngine.nextConnection(HttpEngine.java:341)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:330)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:248)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:433)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.huc.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:384)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.huc.HttpURLConnectionImpl.getInputStream(HttpURLConnectionImpl.java:231)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.getInputStream(DelegatingHttpsURLConnection.java:210)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at techss.app_lib.CSVFile.importCsv(CSVFile.java:19)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at techss.fitmentmanager.jobcard.jobcard_steps.JobCardStepSelectStateStaticAsset$1.run(JobCardStepSelectStateStaticAsset.java:72)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:318)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:219)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:115)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:556)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:324)
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: ... 14 more
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
06-07 20:16:09.857 2382-4297/techss.fitmentmanager W/System.err: ... 20 more
빠른 답장을 보내 주셔서 감사합니다. 그러나 제 2 예제에서 말하는 것과 정확히 같습니다. 나는 키 스토어를 만들고 있지만 액세스하려고하는 키 스토어 파일에'FileNotFoundException'을 던지고있다. 내 서버에 keystore 파일이 있는데 해당 파일의 certs에 액세스하려고하지만 해당 파일이 해당 질문의 일부 였는지 찾을 수 없습니다. 경로가 해당 파일 위치에 있어야합니까, 아니면 서버에서 선택해야합니까? 특히 인증서가있는 이유 인 공격으로부터 1 단계를 지키고 싶지 않습니다. –
스러스트 된 서버에서 cert 파일을 선택하려고합니까? (서버에 유효한 인증서가 있습니까?) – josemgu91
예 서버에서 인증서를 선택하려고합니다. 서버는 KeyStore 파일 내에 유효한 자체 서명 인증서를 가지고 있습니다. –