Android TLS连接和自签名证书
[英]Android TLS connection and self signed certificate
问题描述
I'm trying to connect to a node.js based TLS server from my Android app. 
我正在尝试从我的Android应用程序连接到基于node.js的TLS服务器。 Naturally it fails becouse I'm using a self-signed certificate. 当然它失败了因为我使用的是自签名证书。
Is there anyway I can just add the certificate to my app and have Android trust it somehow? 无论如何我可以将证书添加到我的应用程序并让Android以某种方式信任它吗? Note, I'm not using HTTPS, this is a TLS over TCP connection. 注意,我没有使用HTTPS,这是一个TLS over TCP连接。
2 个解决方案
解决方案1
18 已采纳 2012-08-27 23:26:55
After a lot of reading around, I came up with an answer. 经过大量的阅读,我想出了一个答案。
A pretty good guide is here: http://nelenkov.blogspot.no/2011/12/using-custom-certificate-trust-store-on.html 这里有一个很好的指南: http : //nelenkov.blogspot.no/2011/12/using-custom-certificate-trust-store-on.html
Now, since I'm not using HTTPS, I had to come up with a slightly different approach for getting a clean SSL socket with the new keystore: 现在,因为我没有使用HTTPS,所以我不得不采用一种稍微不同的方法来获得一个带有新密钥库的干净SSL套接字:
KeyStore store = KeyStore.getInstance("BKS");
InputStream truststore = mainActivity.getResources().openRawResource(R.raw.trust);
store.load(truststore, "PASSWORD".toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
tmf.init(store);
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), new SecureRandom());
Socket socket = context.getSocketFactory().createSocket(ip, port);
解决方案2
7 2012-08-22 15:02:16
Adding certificate to your application isn't recommended. 不建议将证书添加到您的应用程序中。 You'll have problems with updating the certificate. 更新证书时会遇到问题。
Have you looked at: 你看过了吗:
Self-signed SSL acceptance on Android Android上的自签名SSL接受
HTTPS GET (SSL) with Android and self-signed server certificate 使用Android和自签名服务器证书的HTTPS GET(SSL)
? ?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.