如何让离子库信任自签名证书
[英]How do i get ion library to trust self signed certificates
问题描述
I am trying to connect to REST Service that has to use self signed certificates (it's a Unify PBXs Web Services Interface). 
我正在尝试连接到必须使用自签名证书的REST服务(它是Unify PBXs Web服务接口)。 The System will regenerate it's Certificates on Software updates and unless you load a certificate into the system there will always be a self signed one. 系统将在软件更新时重新生成它的证书,除非您将证书加载到系统中,否则将始终存在自签名证书。 When trying to connect with ion the connection is closed because of the self signed certificate (as far as google took me...). 当尝试连接离子时,连接因为自签名证书而关闭(据谷歌带我...)。 What do i need to add to my implementation to make io accept this cert? 我需要添加到我的实现中以使io接受此证书? I am using ion as follows. 我使用离子如下。
Ion.with(context)
.load(...)
.asString()
.setCallback(new FutureCallback<String>() {
@Override
public void onCompleted(Exception e, String result) {
}
});
1 个解决方案
解决方案1
7 已采纳 2014-08-19 17:36:24
You can specify custom SSL Contexts and trust managers to use self signed certificates. 您可以指定自定义SSL上下文和信任管理器以使用自签名证书。
Here's an example from a unit test: 以下是单元测试的示例:
public void testKeys() throws Exception {
KeyManagerFactory kmf = KeyManagerFactory.getInstance("X509");
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(getContext().getResources().openRawResource(R.raw.keystore), "storepass".toCharArray());
kmf.init(ks, "storepass".toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore ts = KeyStore.getInstance(KeyStore.getDefaultType());
ts.load(getContext().getResources().openRawResource(R.raw.keystore), "storepass".toCharArray());
tmf.init(ts);
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
AsyncHttpServer httpServer = new AsyncHttpServer();
httpServer.listenSecure(8888, sslContext);
httpServer.get("/", new HttpServerRequestCallback() {
@Override
public void onRequest(AsyncHttpServerRequest request, AsyncHttpServerResponse response) {
response.send("hello");
}
});
Thread.sleep(1000);
AsyncHttpClient.getDefaultInstance().getSSLSocketMiddleware().setSSLContext(sslContext);
AsyncHttpClient.getDefaultInstance().getSSLSocketMiddleware().setTrustManagers(tmf.getTrustManagers());
AsyncHttpClient.getDefaultInstance().executeString(new AsyncHttpGet("https://localhost:8888/"), null).get();
}
You'll need to access ion's underlying http client instance as follows: 您需要访问ion的底层http客户端实例,如下所示:
Ion.getDefault(getContext()).getHttpClient().getSSLSocketMiddleware().setTrustManagers(...);
Ion.getDefault(getContext()).getHttpClient().getSSLSocketMiddleware().setSSLContext(...);
The key is a bks key store, bouncy castle. 关键是一个bks钥匙店,充气城堡。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.