带证书的SSL连接

Question

I would like to replicate the following Python code into an equivalent in Java:

import socket, ssl, pprint

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
ssl_sock = ssl.wrap_socket(s,
                           ca_certs="server.crt",
                           cert_reqs=ssl.CERT_REQUIRED)

ssl_sock.connect(('localhost', 10023))   
ssl_sock.write("boo!")

if False:
    data = ssl_sock.read()
    ssl_sock.close()

I came up with the following code (which is not working) but I still have two questions:

abstract class Connection extends AsyncTask<String, Void, String> {


    boolean Connect(){
        try
        {
           SSLSocketFactory factory=(SSLSocketFactory) SSLSocketFactory.getDefault();
            SSLSocket mySSLSocket=(SSLSocket) factory.createSocket("localhost", 10023);

            DataOutputStream myOutPutStream = new DataOutputStream(mySSLSocket.getOutputStream());
            myOutPutStream.writeBytes("Hello World!");

            myOutPutStream.close();
            mySSLSocket.close();

            return true;

        }
        catch(Exception e)
        {
            return false;
        }

    }

}

By executing the code I get the following Java Error:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

1. Where do I save the certificate in my Android Application Project (Android Studio)?

2. What is the equivalent for the code below in Java?

   ssl_sock = ssl.wrap_socket(s, ca_certs="server.crt", cert_reqs=ssl.CERT_REQUIRED)

Answer 1

Try -Djavax.net.ssl.trustStore=/path/to/keystore , where '/path/to/keystore' is the absolute file path of the alternative keystore.

This needs to be a VM option for running your code / project.