
How to create an SSL connection using the Smack XMPP library?

I'm building a small program that acts as an XMPP client and I am using the Smack library. Now, the server I am connecting to requires SSL (in Pidgin I have to check "Force old (port 5223) SSL"). I'm having trouble getting Smack to connect to this server. Is it possible?

Take a look at this thread.

http://www.igniterealtime.org/community/thread/37678

Essentially, you need to add these two lines to your code:

```java
connConfig.setSecurityMode(ConnectionConfiguration.SecurityMode.enabled);
connConfig.setSocketFactory(new DummySSLSocketFactory());
```

where connConfig is your ConnectionConfiguration object. Get the DummySSLSocketFactory from the Spark source code repository. All it does is accept virtually any certificate. This seemed to work for me. Good luck!

Yes, it's quite easy to achieve. Take a look at the ConnectionConfiguration class, and in particular the setSecurityMode method which accepts a ConnectionConfiguration.SecurityMode enum as a parameter. Setting this to "required" forces Smack to use TLS.

From the Javadoc:

Security via TLS encryption is required in order to connect. If the server does not offer TLS or if the TLS negotiation fails, the connection to the server will fail.

You can achieve this by the following:

Storing the CA Certificate in Keystore

To store the certificate in a keystore, follow these steps.

Step 1: Download the bouncycastle JAR file. It can be downloaded from here: Bouncy Castle JAVA Releases

Step 2: Use the following command to store the certificate in the keystore

```
keytool -importcert -v -trustcacerts -file "<certificate_file_with_path>" -alias "<some_name_for_certificate>" -keystore "<file_name_for_the_output_keystore>" -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath "<bouncy_castle_jar_file_with_path>" -storetype BKS -storepass "<password_for_the_keystore>"
```

Step 3: Verify the keystore file

```
keytool -list -v -keystore "<file_name_for_the_keystore_with_path>" -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath "<bouncy_castle_jar_file_with_path>" -storetype BKS -storepass "<password_for_the_keystore>"
```

This lists the certificate included in the keystore.

We have a keystore which we can use in our code.

Using the keystore

After generating this keystore, save it in the raw folder of your application. Then use the code below to get the certificate handshake with the Openfire server.

To create a connection with Openfire using XMPP, you may need to get the config. For this, use the method below:

```java
import android.content.Context;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.jivesoftware.smack.ConnectionConfiguration;

public ConnectionConfiguration getConfigForXMPPCon(Context context) {
    ConnectionConfiguration config =
            new ConnectionConfiguration(URLConstants.XMPP_HOST, URLConstants.XMPP_PORT);
    config.setSASLAuthenticationEnabled(false);
    config.setSecurityMode(ConnectionConfiguration.SecurityMode.enabled);
    config.setCompressionEnabled(false);

    SSLContext sslContext;
    try {
        sslContext = createSSLContext(context);
    } catch (GeneralSecurityException | IOException e) {
        // Stop here: continuing with a null SSLContext would only fail later with an NPE.
        throw new IllegalStateException("Could not build SSLContext from keystore", e);
    }
    config.setCustomSSLContext(sslContext);
    config.setSocketFactory(sslContext.getSocketFactory());
    return config;
}

private SSLContext createSSLContext(Context context) throws KeyStoreException,
        NoSuchAlgorithmException, KeyManagementException, IOException, CertificateException {
    KeyStore trustStore = KeyStore.getInstance("BKS");

    // Pick the keystore bundled for the environment the client connects to.
    InputStream in = null;
    if (StringConstants.DEV_SERVER_IP.equals(URLConstants.XMPP_HOST)
            || StringConstants.TEST_SERVER_IP.equals(URLConstants.XMPP_HOST))
        in = context.getResources().openRawResource(R.raw.ssl_keystore_dev_test);
    else if (StringConstants.STAGE_SERVER_IP.equals(URLConstants.XMPP_HOST)
            || StringConstants.STAGE2_SERVER_IP.equals(URLConstants.XMPP_HOST))
        in = context.getResources().openRawResource(R.raw.ssl_keystore_stage);
    else if (StringConstants.PROD_SERVER_IP.equals(URLConstants.XMPP_HOST)
            || StringConstants.PROD1_SERVER_IP.equals(URLConstants.XMPP_HOST))
        in = context.getResources().openRawResource(R.raw.ssl_keystore_prod);
    if (in == null)
        throw new IOException("No keystore bundled for host " + URLConstants.XMPP_HOST);

    try {
        trustStore.load(in, "<keystore_password>".toCharArray());
    } finally {
        in.close();
    }

    // Use the TrustManagerFactory default algorithm (the original asked KeyManagerFactory for it).
    TrustManagerFactory trustManagerFactory =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    trustManagerFactory.init(trustStore);

    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
    return sslContext;
}
```

All done..!! Just connect.. Now your connection is secured.

The same steps are in my blog at smackssl.blogspot.in
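
An added example, not code from the answers above or from Smack or Spark: a socket factory for the legacy SSL port that validates the server's chain against a trust store (for instance the BKS keystore loaded in the last answer) and also turns on host name checking, which a plain `SSLSocketFactory` socket does not do by itself. The class name `VerifyingSSLSocketFactory` is hypothetical, and `setEndpointIdentificationAlgorithm` is assumed to be available (Java 7+ or Android API 24+).

```java
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

/**
 * Added example (hypothetical class, not part of Smack or Spark).
 * Usage: connConfig.setSocketFactory(new VerifyingSSLSocketFactory(trustStore));
 */
public class VerifyingSSLSocketFactory extends SocketFactory {
    private final SSLSocketFactory delegate;

    /** @param trustStore CA certificates to trust; null falls back to the platform's default CAs. */
    public VerifyingSSLSocketFactory(KeyStore trustStore) throws GeneralSecurityException {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        delegate = ctx.getSocketFactory();
    }

    /** Enables the host name check before the handshake starts, so a mismatching certificate aborts it. */
    private Socket verify(Socket s) {
        SSLSocket ssl = (SSLSocket) s;
        SSLParameters p = ssl.getSSLParameters();
        p.setEndpointIdentificationAlgorithm("HTTPS");
        ssl.setSSLParameters(p);
        return ssl;
    }

    @Override public Socket createSocket(String host, int port) throws IOException {
        return verify(delegate.createSocket(host, port));
    }
    @Override public Socket createSocket(String host, int port, InetAddress local, int localPort) throws IOException {
        return verify(delegate.createSocket(host, port, local, localPort));
    }
    @Override public Socket createSocket(InetAddress host, int port) throws IOException {
        return verify(delegate.createSocket(host, port));
    }
    @Override public Socket createSocket(InetAddress host, int port, InetAddress local, int localPort) throws IOException {
        return verify(delegate.createSocket(host, port, local, localPort));
    }
}
```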
