Mutual authentication Android and Tomcat
I want to make a mutual auth for my app and server. I followed these steps:
1) Create a certificate and keystore for the server tomcat (tomcat.keystore)
2) Create a certificate for the client
3) Import the client certificate into the server keystore
4) Create a bks keystore for Android (smartssl.bks)
5) Import the server and client certificates into the Android keystore
Now I configure Tomcat with:
<Connector SSLEnabled="true" clientAuth="true"
keystoreFile="/home/antonio/Documenti/keystore/tomcat.keystore"
keystorePass="pass" maxThreads="150" port="8443" scheme="https"
secure="true" sslProtocol="TLS"
truststoreFile="/home/antonio/Documenti/keystore/tomcat.keystore"
truststorePass="pass" />
And in the Android app I use the Volley framework like this:
        InputStream keyStore = getResources().openRawResource(R.raw.smartssl);
        // Usually getting the request queue shall be in singleton like in {@see Act_SimpleRequest}
        // Current approach is used just for brevity
        RequestQueue queue = Volley
                .newRequestQueue(Act_SsSslHttpClient.this,
                        new ExtHttpClientStack(new SslHttpClient(keyStore, "pass", 443)));
        StringRequest myReq = new StringRequest(Method.GET,
                "https://192.168.1.4:8443/REST/app/generali/getA",
                createMyReqSuccessListener(),
                createMyReqErrorListener()) {
            @Override
            public Map<String, String> getHeaders() throws AuthFailureError {
                return createBasicAuthHeader("user", "strongpassword");
            }
        };
        queue.add(myReq);
    }
});
With this config I get this error:
no peer certificate
If I try to change the Tomcat configuration to this:
clientAuth="false"
it works, so the problem is in the bks file? Or where?
I solved it by putting the Keystore and the Truststore in BKS in the app.
Here is a guide to create a self certificate:
Create a self certificate for client and server
And here is the class example for mutual auth with Volley:
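The class referred to above is not reproduced on this page. As an added example (not the answer author's code), here is one way to wire a separate BKS key store and BKS trust store into Volley using the standard JSSE classes and Volley's HurlStack. The class name MutualTlsQueue and its parameters are hypothetical, and the sketch assumes the key store contains the client's private-key entry, not only its certificate.

```java
import android.content.Context;
import com.android.volley.RequestQueue;
import com.android.volley.toolbox.HurlStack;
import com.android.volley.toolbox.Volley;
import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical helper: builds a Volley queue that presents a client certificate.
public final class MutualTlsQueue {
    private MutualTlsQueue() {}

    // Loads a BKS store from a stream (for example a res/raw resource) and closes it.
    private static KeyStore loadBks(InputStream in, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("BKS");
        try {
            ks.load(in, password);
        } finally {
            in.close();
        }
        return ks;
    }

    public static RequestQueue create(Context ctx,
                                      InputStream keyStoreIn, char[] keyPass,
                                      InputStream trustStoreIn, char[] trustPass) throws Exception {
        // Key store: the client certificate together with its private key.
        // This is what the client sends when Tomcat has clientAuth="true".
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(loadBks(keyStoreIn, keyPass), keyPass);

        // Trust store: only the server certificate (or its issuing CA).
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(loadBks(trustStoreIn, trustPass));

        SSLContext ssl = SSLContext.getInstance("TLS");
        ssl.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

        // HurlStack uses HttpsURLConnection, so default hostname verification stays on.
        return Volley.newRequestQueue(ctx, new HurlStack(null, ssl.getSocketFactory()));
    }
}
```

Because hostname verification remains enabled, a server reached by IP address as in the question needs that address in the certificate's subjectAltName.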