[英]SMACK 4.2.4 connection with ejabberd through TLS
I have been working with ejabberd and smack 4.2.4. 我一直在使用ejabberd和smack 4.2.4。 It was fine until I implemented TLS certificate from LetsEncrypt.
直到我实现了LetsEncrypt的TLS证书,一切都很好。 Now it gives SSL handshake error.
现在,它给出了SSL握手错误。
Same secure connection works for iOS and other clients if I enable TLS in connection configuration. 如果我在连接配置中启用TLS,则相同的安全连接适用于iOS和其他客户端。
I searched but could find any idea how to fix this. 我进行了搜索,但发现如何解决此问题的任何想法。 Please help for Android connection.
请为Android连接提供帮助。
Thanks, 谢谢,
I spent time and finally got this solution working for me. 我花了时间,终于找到了适合我的解决方案。
configBuilder.setSecurityMode(ConnectionConfiguration.SecurityMode.required);
SSLContext sslContext = getSSLContext(context);
configBuilder.setCustomSSLContext(sslContext);
public SSLContext getSSLContext(Context context ) throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
CertificateFactory cf = null;
try {
cf = CertificateFactory.getInstance("X.509");
} catch (CertificateException e) {
Log.e(TAG, e.getMessage());
}
InputStream in = context.getResources().openRawResource(R.raw.chain); // R.raw.chain is CA Root Certificate added in RAW resources folder
InputStream caInput = new BufferedInputStream(in);
Certificate ca = null;
try {
ca = cf.generateCertificate(caInput);
Log.d(TAG, "ca=" + ((X509Certificate) ca).getSubjectDN());
}
catch (Exception e){
Log.e(TAG, e.getMessage());
}
finally {
caInput.close();
}
// Create a KeyStore containing our trusted CAs
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
keyStore.setCertificateEntry("ca", ca);
// Create a TrustManager that trusts the CAs in our KeyStore
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
// Create an SSLContext that uses our TrustManager
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, tmf.getTrustManagers(), null);
return sslContext;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.