Android SSLSocket#getInputstream() 在 Android 6.0 的早期版本上抛出 HandshakeException
Android SSLSocket#getInputstream() throws HandshakeException on earlier versions of Android 6.0
在我的应用程序中,我需要处理 SSLSocket。
我有这段代码在 Android6.0 及更高版本上工作,当我 运行 在 Android 版本 5.+ 上使用相同的代码时,我得到 HandshakeException
private void openSSLSocket(String mHost, int mPort){
try {
SocketFactory sf = SSLSocketFactory.getDefault();
mSocket = (SSLSocket) sf.createSocket(mHost, mPort);
mSocket.setEnabledProtocols(new String[]{"TLSv1"});
mInputStream = mSocket.getInputStream();
mOutputStream = mSocket.getOutputStream();
mSocket.setSoTimeout(0);
}catch (Exception e){
e.printStackTrace();
}
}
我已阅读 android 开发者网站上的 this 文章并实施了以下代码 我获得了服务器管理员的 .crt 文件
private void openSSLSocketWithCA(String mHost, int mPort) {
try{
// Load CAs from an InputStream
// (could be from a resource or ByteArrayInputStream or ...)
CertificateFactory cf = CertificateFactory.getInstance("X.509");
// From https://www.washington.edu/itconnect/security/ca/load-der.crt
InputStream caInput = am.open("star_******_chained.crt");
Certificate ca;
try {
ca = cf.generateCertificate(caInput);
System.out.println("ca=" + ((X509Certificate) ca).getSubjectDN());
} finally {
caInput.close();
}
// Create a KeyStore containing our trusted CAs
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
keyStore.setCertificateEntry("ca", ca);
// Create a TrustManager that trusts the CAs in our KeyStore
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
// Create an SSLContext that uses our TrustManager
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
SSLSocketFactory sf = context.getSocketFactory();
mSocket = (SSLSocket) sf.createSocket(mHost, mPort);
mSocket.setEnabledProtocols(new String[]{"TLSv1"});
mInputStream = mSocket.getInputStream();
mOutputStream = mSocket.getOutputStream();
mSocket.setSoTimeout(0);
}catch (Exception e){
e.printStackTrace();
}
}
即便如此,我在调用 mSocket.getInputStream() 时仍收到 HandshakeException;方法
这是日志
W/System.err: javax.net.ssl.SSLHandshakeException: Handshake failed
W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:374)
W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.waitForHandshake(OpenSSLSocketImpl.java:598)
W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java:560)
W/System.err: at *******.***.*******.common.CometSocketApi.openSSLSocketWithCA(CometSocketApi.java:464)
在网上大量搜索后。我已登陆此页面 Updating security provider
最后,这个解决方案对我有用
我在主程序的 onCreate 中调用了这段代码 activity
try {
ProviderInstaller.installIfNeeded(this);
} catch (GooglePlayServicesRepairableException e) {
GooglePlayServicesUtil.getErrorDialog(e.getConnectionStatusCode(), callingActivity, 0);
} catch (GooglePlayServicesNotAvailableException e) {
Log.e("SecurityException", "Google Play Services not available.");
}
这解决了我的问题
在我的应用程序中,我需要处理 SSLSocket。 我有这段代码在 Android6.0 及更高版本上工作,当我 运行 在 Android 版本 5.+ 上使用相同的代码时,我得到 HandshakeException
private void openSSLSocket(String mHost, int mPort){
try {
SocketFactory sf = SSLSocketFactory.getDefault();
mSocket = (SSLSocket) sf.createSocket(mHost, mPort);
mSocket.setEnabledProtocols(new String[]{"TLSv1"});
mInputStream = mSocket.getInputStream();
mOutputStream = mSocket.getOutputStream();
mSocket.setSoTimeout(0);
}catch (Exception e){
e.printStackTrace();
}
}
我已阅读 android 开发者网站上的 this 文章并实施了以下代码 我获得了服务器管理员的 .crt 文件
private void openSSLSocketWithCA(String mHost, int mPort) {
try{
// Load CAs from an InputStream
// (could be from a resource or ByteArrayInputStream or ...)
CertificateFactory cf = CertificateFactory.getInstance("X.509");
// From https://www.washington.edu/itconnect/security/ca/load-der.crt
InputStream caInput = am.open("star_******_chained.crt");
Certificate ca;
try {
ca = cf.generateCertificate(caInput);
System.out.println("ca=" + ((X509Certificate) ca).getSubjectDN());
} finally {
caInput.close();
}
// Create a KeyStore containing our trusted CAs
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
keyStore.setCertificateEntry("ca", ca);
// Create a TrustManager that trusts the CAs in our KeyStore
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
// Create an SSLContext that uses our TrustManager
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
SSLSocketFactory sf = context.getSocketFactory();
mSocket = (SSLSocket) sf.createSocket(mHost, mPort);
mSocket.setEnabledProtocols(new String[]{"TLSv1"});
mInputStream = mSocket.getInputStream();
mOutputStream = mSocket.getOutputStream();
mSocket.setSoTimeout(0);
}catch (Exception e){
e.printStackTrace();
}
}
即便如此,我在调用 mSocket.getInputStream() 时仍收到 HandshakeException;方法
这是日志
W/System.err: javax.net.ssl.SSLHandshakeException: Handshake failed
W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:374)
W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.waitForHandshake(OpenSSLSocketImpl.java:598)
W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java:560)
W/System.err: at *******.***.*******.common.CometSocketApi.openSSLSocketWithCA(CometSocketApi.java:464)
在网上大量搜索后。我已登陆此页面 Updating security provider 最后,这个解决方案对我有用
我在主程序的 onCreate 中调用了这段代码 activity
try {
ProviderInstaller.installIfNeeded(this);
} catch (GooglePlayServicesRepairableException e) {
GooglePlayServicesUtil.getErrorDialog(e.getConnectionStatusCode(), callingActivity, 0);
} catch (GooglePlayServicesNotAvailableException e) {
Log.e("SecurityException", "Google Play Services not available.");
}
这解决了我的问题