堆栈内存溢出
  简体   繁体   English

将SSL服务器证书下载到iOS / Android应用

[英]Downloading SSL server certificates to iOS/Android app

 原文  2013-05-03 05:49:26       android/ ssl-certificate

问题描述

We have developed an app for both iOS and Android that communicates with a server via REST calls. 我们已经开发了适用于iOS和Android的应用程序,可通过REST调用与服务器进行通信。 In order for a user to be able to login for the first time to the app, they have to first download the server's SSL certificate (via https connection on browser or using openssl, download in DER format) and manually load the certificate into a folder on the device (by connecting the device to a computer and accessing its storage). 为了使用户能够首次登录该应用程序,他们必须首先下载服务器的SSL证书(通过浏览器上的https连接或使用openssl,以DER格式下载),然后手动将证书加载到文件夹中在设备上(通过将设备连接到计算机并访问其存储)。 The app, at login, will check that folder and if the correct certificate is in there the user will be able to login... Any subsequent logins, the users will not have to load the certificate again. 该应用程序在登录时将检查该文件夹,如果其中存在正确的证书,则用户将能够登录...任何后续登录,用户将不必再次加载证书。

Now I was wondering if there is a way to automate the manual process I outlined above? 现在我想知道是否有一种方法可以使上面概述的手动过程自动化? It's a pretty tedious process, especially for a mobile app. 这是一个非常繁琐的过程,尤其是对于移动应用程序而言。

For example, connect to the server and download the certificate straight to the device... but does this kind of method have security risks? 例如,连接到服务器并将证书直接下载到设备...但是这种方法是否存在安全风险?

Thanks 谢谢

1 个解决方案

解决方案1
 0  2013-05-03 05:52:20

try this 尝试这个 

HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
            DefaultHttpClient client = new DefaultHttpClient();
            SchemeRegistry registry = new SchemeRegistry();
            SSLSocketFactory socketFactory = SSLSocketFactory
                    .getSocketFactory();
            socketFactory
                    .setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
            registry.register(new Scheme("https", socketFactory, 443));
            SingleClientConnManager mgr = new SingleClientConnManager(
                    client.getParams(), registry);
            // defaultHttpClient
            DefaultHttpClient httpClient = new DefaultHttpClient(mgr,
                    client.getParams());
            HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Qt服务器和android SSL客户端证书 - Qt server and android ssl client Certificates 在Android中使用SSL证书 - Working with SSL Certificates in Android 在Android上使用客户端/服务器证书进行双向身份验证SSL套接字 - Using client/server certificates for two way authentication SSL socket on Android Android:手动验证SSL证书 - Android : Manually validating SSL Certificates SSL 固定在 android 应用程序中是否会影响使用同一服务器的 iOS 应用程序的工作? - Does SSL pinning in android app affect working of iOS app using same server? Android应用程式凭证的用途 - Purpose of android app certificates iOS Dynamics CRM移动应用SSL证书 - Ios dynamics crm mobile appllication ssl certificates 如何获取Android SSL的根证书和中间证书 - how to get the Root certificates and intermediate certificates for android SSL 适用于Android App客户端和服务器通信的SSL安全 - SSL security for Android App client and server communications 通过SSL连接到Android App上的OpenFire服务器? - Connecting to OpenFire server on the Android App through SSL?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM