今天写项目遇到:
05-13 02:54:19.636: WARN/System.err(294): javax.net.ssl.SSLException: Not trusted server certificate
at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:360)
at org.apache.harmony.luni.internal.net.www.protocol.http.HttpConnection.getSecureSocket(HttpConnection.java:168)
at org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnection$HttpsEngine.connect(HttpsURLConnection.java:398)
at org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnection.connect(HttpsURLConnection.java:146)
at org.ksoap2.transport.ServiceConnectionSE.connect(ServiceConnectionSE.java:75)
at org.ksoap2.transport.HttpTransportSE.call(HttpTransportSE.java:136)
at org.ksoap2.transport.HttpTransportSE.call(HttpTransportSE.java:90)
at com.ceosoft.acemetrix.wsdl.WSDLClient.MakeCall(WSDLClient.java:130)
at com.ceosoft.acemetrix.wsdl.WSDLClient.InvokeMethod(WSDLClient.java:108)
at com.ceosoft.acemetrix.wsdl.WSDLClient.getDailyTop5(WSDLClient.java:146)
at com.ceosoft.acemetrix.data.manager.DataManager$1.launch(DataManager.java:144)
at com.ceosoft.acemetrix.data.DataTask.doInBackground(DataTask.java:74)
at com.ceosoft.acemetrix.data.DataTask.doInBackground(DataTask.java:1)
at android.os.AsyncTask$2.call(AsyncTask.java:185)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:305)
at java.util.concurrent.FutureTask.run(FutureTask.java:137)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1068)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:561)
at java.lang.Thread.run(Thread.java:1096)
Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: TrustAnchor for CertPath not found.
at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:168)
at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:355)
... 18 more
Caused by: java.security.cert.CertPathValidatorException: TrustAnchor for CertPath not found.
at org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi.engineValidate(PKIXCertPathValidatorSpi.java:149)
at java.security.cert.CertPathValidator.validate(CertPathValidator.java:211)
at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:164)
... 19 more
-----------------------------------------------------------------------------------------------------
找了一些参考资料:
http://stackoverflow.com/questions/995514/https-connection-android#1000205
http://groups.google.com/group/android-developers/browse_thread/thread/62d856cdcfa9f16e/dd59b1998d23a660?lnk=gst&q=SSL+fake+cert#dd59b1998d23a660
------------------------------------------------------------------------------------------------
得到结论:
call allowAllSSL() before you do any SSL communication/call to ksoap2.
It will register a new default HostnameVerifier and TrustManager.
ksoap2, when doing its SSL communication, will use the default ones and
it works like a charm.
-------------------------------------------------------------------------------------------------
解决方法:
在项目中添加类:
public class _FakeX509TrustManager implements X509TrustManager {
private static TrustManager[] trustManagers;
private static final X509Certificate[] _AcceptedIssuers = new
X509Certificate[] {};
@Override
public void checkClientTrusted(X509Certificate[] chain, String
authType) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String
authType) throws CertificateException {
}
public boolean isClientTrusted(X509Certificate[] chain) {
return true;
}
public boolean isServerTrusted(X509Certificate[] chain) {
return true;
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return _AcceptedIssuers;
}
public static void allowAllSSL() {
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier()
{
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
SSLContext context = null;
if (trustManagers == null) {
trustManagers = new TrustManager[] { new _FakeX509TrustManager() };
}
try {
context = SSLContext.getInstance("TLS");
context.init(null, trustManagers, new SecureRandom());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
}
}
--------------然后在:
调用:
HttpTransportSE androidHttpTransport = new HttpTransportSE(URL);
try
{
_FakeX509TrustManager.allowAllSSL()
;
// solution:
javax.net.ssl.SSLException: Not trusted server certificate
androidHttpTransport.call(soap_action, Envelope);
SoapObject response = (SoapObject)Envelope.getResponse();
return response;
}
catch(Exception e)
{
e.printStackTrace();
}
return null;
分享到:
相关推荐
NULL 博文链接:https://nassir.iteye.com/blog/1112713
访问带https请求忽略ssl证书,避免url.openStream报错javax.net.ssl.SSLHandshakeException url = new URL(imageUrl); if("https".equalsIgnoreCase(url.getProtocol())){ SslUtils.ignoreSsl(); } //不添加...
主要介绍了javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair 解决方法,有需要的朋友们可以学习下。
解决webMagic0.7.3 出现javax.net.ssl.SSLException: Received fatal alert: protocol_version的问题-附件资源
NULL 博文链接:https://xusaomaiss.iteye.com/blog/723167
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure的一个解决方案-附件资源
MQTTv5版的客户端库,原地址:... 本资源合入了解决低于android7.0报错Caused by: java.lang.ClassNotFoundException: Didn't find class "javax.net.ssl.SNIHostName"的问题。
由于Android5.0以下的手持机在使用https协议通信是,在认证证书的时候回出现SSLHandshakeException问题,所以该代码避免了这个问题。
赠送jar包:javax.servlet-3.0.0.v201112011016.jar; 赠送原API文档:javax.servlet-3.0.0.v201112011016-javadoc.jar; 赠送源代码:javax.servlet-3.0.0.v201112011016-sources.jar; 赠送Maven依赖信息文件:...
赠送jar包:javax.servlet-3.0.0.v201112011016.jar; 赠送原API文档:javax.servlet-3.0.0.v201112011016-javadoc.jar; 赠送源代码:javax.servlet-3.0.0.v201112011016-sources.jar; 赠送Maven依赖信息文件:...
赠送jar包:javax.mail-1.5.6.jar; 赠送原API文档:javax.mail-1.5.6-javadoc.jar; 赠送源代码:javax.mail-1.5.6-sources.jar; 赠送Maven依赖信息文件:javax.mail-1.5.6.pom; 包含翻译后的API文档:javax.mail...
import javax.media.jai.JAI; import javax.media.jai.RenderedOp; jai_core-1.1.3.jar jai_codec-1.1.3.jar
javax.servlet-api-***.jar中文文档.zip,java,javax.servlet-api-***.jar,javax.servlet,javax.servlet-api,***,jar包,Maven,第三方jar包,组件,开源组件,第三方组件,Gradle,javax,servlet,api,中文API文档,手册,开发...
java JNDI方式修改AD域密码 免ssl验证方式修改AD域密码 LDAP SSL 证书 javassl 很实用的一段代码,免去了复杂的证书操作过程。
Files contained in javax.persistence.jar: META-INF/MANIFEST.MF javax.persistence.Access.class javax.persistence.AccessType.class javax.persistence.AssociationOverride.class javax.persistence....
赠送jar包:javax.servlet-api-4.0.1.jar; 赠送原API文档:javax.servlet-api-4.0.1-javadoc.jar; 赠送源代码:javax.servlet-api-4.0.1-sources.jar; 赠送Maven依赖信息文件:javax.servlet-api-4.0.1.pom; ...
赠送jar包:javax.mail-1.6.2.jar; 赠送原API文档:javax.mail-1.6.2-javadoc.jar; 赠送源代码:javax.mail-1.6.2-sources.jar; 赠送Maven依赖信息文件:javax.mail-1.6.2.pom; 包含翻译后的API文档:javax.mail...
javax.jms.ServerSession.class javax.jms.ConnectionFactory.class javax.jms.MessageNotReadableException.class javax.jms.MessageNotWriteableException.class javax.jms.QueueConnection.class javax.jms....