[英]Java SSLException: hostname in certificate didn't match in android application
I am working on an android application that uses rest services and hits my website(having SSL) for data.我正在开发一个使用休息服务并访问我的网站(具有 SSL)以获取数据的 android 应用程序。 Also I have some other domains on the same server.
此外,我在同一台服务器上还有一些其他域。
Now when I try to hit my website it is checking for other domains eg现在,当我尝试访问我的网站时,它正在检查其他域,例如
My website : 'abc.xyz.com'我的网站: 'abc.xyz.com'
Other domain : '*.mno.com'其他域: '*.mno.com'
REST URL eg: https://abc.xyz.com/restapiservice/data/{dataid}?restkey={rest-api-key} REST URL 例如: https : //abc.xyz.com/restapiservice/data/{dataid}?restkey={ rest-api- key}
Error:错误:
javax.net.ssl.SSLException: hostname in certificate didn't match: != < .mno.com> OR < .mno.com> OR
javax.net.ssl.SSLException: 证书中的主机名不匹配:!= < .mno.com> OR < .mno.com> OR
Code:代码:
try {
// http client
DefaultHttpClient httpClient;
final HttpParams httpParams = new BasicHttpParams();
HttpConnectionParams.setConnectionTimeout(httpParams, 30000);
httpClient = new DefaultHttpClient(httpParams);
//DefaultHttpClient httpClient = new DefaultHttpClient();
HttpEntity httpEntity = null;
HttpResponse httpResponse = null;
// Checking http request method type
if (method == POST) {
HttpPost httpPost = new HttpPost(url);
// adding post params
if (params != null) {
httpPost.setEntity(new UrlEncodedFormEntity(params));
}
httpResponse = httpClient.execute(httpPost);
} else if (method == GET) {
// appending params to url
if (params != null) {
String paramString = URLEncodedUtils
.format(params, "utf-8");
url += String.format("?%s", paramString);
}
HttpGet httpGet = new HttpGet(url);
httpResponse = httpClient.execute(httpGet);
}
httpEntity = httpResponse.getEntity();
response = EntityUtils.toString(httpEntity, HTTP.UTF_8);
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (ClientProtocolException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
I have tried solution:我试过解决办法:
try {
HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
DefaultHttpClient client = new DefaultHttpClient();
//Added my part
final HttpParams httpParams = new BasicHttpParams();
HttpConnectionParams.setConnectionTimeout(httpParams, 30000);
client = new DefaultHttpClient(httpParams);
//End my part
SchemeRegistry registry = new SchemeRegistry();
SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
registry.register(new Scheme("https", socketFactory, 443));
SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
DefaultHttpClient httpClient = new DefaultHttpClient(mgr, client.getParams());
// Set verifier
HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
HttpEntity httpEntity = null;
HttpResponse httpResponse = null;
// Checking http request method type
if (method == POST) {
HttpPost httpPost = new HttpPost(url);
// adding post params
if (params != null) {
httpPost.setEntity(new UrlEncodedFormEntity(params));
}
httpResponse = httpClient.execute(httpPost);
} else if (method == GET) {
// appending params to url
if (params != null) {
String paramString = URLEncodedUtils
.format(params, "utf-8");
url += String.format("?%s", paramString);
}
HttpGet httpGet = new HttpGet(url);
httpResponse = httpClient.execute(httpGet);
}
httpEntity = httpResponse.getEntity();
response = EntityUtils.toString(httpEntity, HTTP.UTF_8);
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (ClientProtocolException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
But I don't want to use it, as it might cause some security threats (I don't want to use "ALLOW_ALL_HOSTNAME_VERIFIER")但我不想使用它,因为它可能会导致一些安全威胁(我不想使用“ALLOW_ALL_HOSTNAME_VERIFIER”)
Please suggest me some other alternative to this.请建议我一些其他的替代方案。
maybe this could help you.也许这可以帮助你。
private HttpURLConnection getHttpConnection(String param)
throws IOException, NoSuchAlgorithmException,
KeyManagementException {
URL url = new URL(URL + param);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
if (conn instanceof HttpsURLConnection) {
HttpsURLConnection httpsConn = (HttpsURLConnection) conn;
SSLContext sc;
sc = SSLContext.getInstance(TLS);
sc.init(null, null, new java.security.SecureRandom());
httpsConn.setSSLSocketFactory(sc.getSocketFactory());
}
// set Timeout and method
conn.setReadTimeout(TIMEOUT);
conn.setConnectTimeout(TIMEOUT);
conn.setRequestMethod(POST);
conn.setDoInput(true);
conn.setDoOutput(true);
return conn;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.