[英]Problem with “Trust anchor for certification path not found.”
Hello i didn't found solution for my problem.您好,我没有找到解决问题的方法。 In new OkHttp and Retrofit is some function:
在新的 OkHttp 和 Retrofit 中是一些 function:
HandshakeCertificates certificates = new HandshakeCertificates.Builder()
.addPlatformTrustedCertificates()
.addInsecureHost("192.168.0.150")
.build();
I am trying to connect my Android App to Spring Boot Server.我正在尝试将我的 Android 应用程序连接到 Spring 引导服务器。 This Server must use HTTPS - not my idea.
此服务器必须使用 HTTPS - 不是我的想法。 On this server i generated self-sign certyficate, but still i got error, now i don't have any ideas.
在这台服务器上,我生成了自签名证书,但仍然出现错误,现在我没有任何想法。 Here is a full error:
java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
这是一个完整的错误:
java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
Below i insert code of Retrofit generator:下面我插入 Retrofit 生成器的代码:
public class ServiceGenerator {
public static final String API_BASE_URL = "https://192.168.0.150:8443/";
private static OkHttpClient.Builder httpClient = new OkHttpClient.Builder();
// private static OkHttpClient httpClient = getUnsafeOkHttpClient();
private static Retrofit.Builder builder =
new Retrofit.Builder()
.baseUrl(API_BASE_URL)
.addConverterFactory(GsonConverterFactory.create());
private static Retrofit retrofit = builder.build();
public static <S> S createService(Class<S> serviceClass) {
return createService(serviceClass, null);
}
static public <S> S createService(
Class<S> serviceClass, final String authToken) {
if (!TextUtils.isEmpty(authToken)) {
AuthenticationInterceptor interceptor =
new AuthenticationInterceptor(authToken);
if (!httpClient.interceptors().contains(interceptor)) {
httpClient.addInterceptor(interceptor);
HandshakeCertificates certificates = new HandshakeCertificates.Builder()
.addPlatformTrustedCertificates()
.addInsecureHost("192.168.0.150")
.build();
httpClient.sslSocketFactory(certificates.sslSocketFactory(), certificates.trustManager());
OkHttpClient okHttpClient = httpClient.build();
builder.client(okHttpClient);
retrofit = builder.build();
}
}
return retrofit.create(serviceClass);
}
}
Request Code:请求代码:
private void doLoginRequest() {
DeviceAPI deviceAPI = ServiceGenerator.createService(DeviceAPI.class);
Call<JWTResponse> call = deviceAPI.login(new Login(usernameEditText.getText().toString(), passwordEditText.getText().toString()));
call.enqueue(new Callback<JWTResponse>() {
@Override
public void onResponse(Call<JWTResponse> call, Response<JWTResponse> response) {
if (response.isSuccessful()) {
Toast.makeText(LoginActivity.this, response.body().toString(), Toast.LENGTH_SHORT).show();
} else {
Toast.makeText(LoginActivity.this, response.message(), Toast.LENGTH_SHORT).show();
}
}
@Override
public void onFailure(Call<JWTResponse> call, Throwable t) {
System.out.println(t.getCause());
Toast.makeText(LoginActivity.this, t.getMessage() , Toast.LENGTH_SHORT).show();
}
});
}
Api Code: Api 代码:
public interface DeviceAPI {
@POST("api/auth/signin")
Call<JWTResponse> login(@Body Login login);
}
If you need more information give me feedback!如果您需要更多信息,请给我反馈!
This example shows connecting twice to a host - Once with a valid HTTPS Handshake, and second using addInsecureHost.此示例显示了两次连接到主机 - 一次使用有效的 HTTPS 握手,第二次使用 addInsecureHost。 nb you won't get a handshake peer in the second because the handshake won't result in valid certificates.
注意,您将不会在第二次获得握手对等体,因为握手不会产生有效的证书。
The same will apply if you run against a dev server, so edit the example to use your devserver.如果您针对开发服务器运行,同样适用,因此请编辑示例以使用您的开发服务器。
https://gist.github.com/yschimke/796e58a6152137bdcd7d2f9d63e26363 https://gist.github.com/yschimke/796e58a6152137bdcd7d2f9d63e26363
import okhttp3.OkHttpClient
import okhttp3.Request
import okhttp3.tls.HandshakeCertificates.Builder
fun main() {
val request = Request.Builder()
.url("https://httpbin.org/get")
.build()
var client = OkHttpClient();
var response = client.newCall(request).execute()
println(response.handshake?.peerPrincipal) // CN=httpbin.org
println(response.code)
val certificates = Builder()
.addInsecureHost("httpbin.org")
.build()
client = OkHttpClient.Builder().sslSocketFactory(certificates.sslSocketFactory(),
certificates.trustManager
).build();
response = client.newCall(request).execute()
println(response.handshake?.peerPrincipal) // null
println(response.code)
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.