使用自签名证书在Android上创建SSL-Socket
[英]Create SSL-Socket on Android with self-signed certificate
问题描述
I'm trying to connect an Android app to a SSL-enabled server, which uses a self-signed certificate. 
我正在尝试将Android应用程序连接到启用SSL的服务器,该服务器使用自签名证书。 I've already read through dozens of tutorials and the app is now accepting the certificate & connecting to the server, but I never get any data back. 我已经阅读了几十个教程,应用程序现在接受证书并连接到服务器,但我从来没有得到任何数据。
The original code i used to initialize the socket is this: 我用来初始化套接字的原始代码是这样的:
//passphrase for keystore
char[] keystorePass="password".toCharArray();
//load own keystore (MyApp just holds reference to application context)
KeyStore keyStore=KeyStore.getInstance("BKS");
keyStore.load(MyApp.getStaticApplicationContext().getResources().openRawResource(R.raw.keystore),keystorePass);
//create a factory
TrustManagerFactory trustManagerFactory=TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
//get context
SSLContext sslContext=SSLContext.getInstance("TLS");
//init context
sslContext.init(
null,
trustManagerFactory.getTrustManagers(),
new SecureRandom()
);
//create the socket
Socket socket=sslContext.getSocketFactory().createSocket("hostname",443);
socket.setKeepAlive(true);
Afterwards, the run loop of the receiver thread uses socket.getInputStream() to access the input stream. 然后,接收器线程的运行循环使用socket.getInputStream()来访问输入流。 As long as I use an unencrypted connection, this works without a problem. 只要我使用未加密的连接,这没有问题。 But the secure connection does not retrieve any data from the socket. 但是安全连接不会从套接字中检索任何数据 。 I've verified this by adding log messages to the receive loop and even used OpenSSL's s_server to check. 我通过向接收循环添加日志消息来验证这一点,甚至使用OpenSSL的s_server进行检查。 I retrieved data from the client, but the client never received anything I sent to it. 我从客户端检索数据,但客户端从未收到我发送给它的任何内容。
As a last test, I tried to open a connection to www.google.com:443 like this: 作为最后一次测试,我尝试打开与www.google.com:443的连接,如下所示:
javax.net.SocketFactory fact=SSLSocketFactory.getDefault();
Socket socket=fact.createSocket(_config.getUri().getHost(), _config.getUri().getPort());
Still the same result, connection works but using the InputStream I receive nothing from the server. 仍然是相同的结果,连接工作但使用InputStream我没有从服务器收到任何东西。
Anybody got any ideas? 有人有任何想法吗?
EDIT: 编辑:
I'm currently not allowed to answer my own question, but here's the answer: Well, turns out the problem WAS the receive loop. 我目前不允许回答我自己的问题,但是答案是:嗯,结果问题是接收循环。 I relied on InputStream.available() to get the number of bytes to read, but didn't realize it was rather unreliable (always returns 0 for SSL socket). 我依靠InputStream.available()来获取要读取的字节数,但没有意识到它相当不可靠(对于SSL套接字总是返回0)。 So I switched the receive loop to use the blocking read() instead. 所以我将接收循环切换为使用阻塞read() 。
1 个解决方案
解决方案1
7 已采纳 2012-04-24 09:02:58
As mentioned above: Turns out the problem WAS the receive loop. 如上所述:结果问题是接收循环。 I relied on InputStream.available() to get the number of bytes to read, but didn't realize it was rather unreliable (always returns 0 for SSL socket). 我依靠InputStream.available()来获取要读取的字节数,但没有意识到它相当不可靠(对于SSL套接字总是返回0)。 So I switched the receive loop to use the blocking read() instead. 所以我将接收循环切换为使用阻塞read() 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.