stackoom
  简体   繁体   中英

How to download a binary large file throw HTTPS when the web server require a client TLS certificate?

 原文  2019-04-08 15:29:28       java/ android/ kotlin

Question

I didn't find any way to implement an SSLContext with DownloadManager. Is there a way to add a Client certificate (keystore)?

For now, it is a self signed certificate (both client&server). I'm able to connect to this server with okhttp (managing SSLContext) but with DownloadManager i get an error 'SSL Handshake'.

1 answers

solution1
 0  2019-04-08 15:53:56

Here is my code,

 @Nullable
private static SSLContext initTrustManager(Context context) {
    try {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        InputStream is = context.getAssets().open("s_cert.cer");
        Certificate ca;
        try {
            ca = certificateFactory.generateCertificate(is);
            Log.i("TrustManager", "ca=" + ((X509Certificate) ca).getSubjectDN());
        } finally {
            is.close();
        }
        String keyStoreType = KeyStore.getDefaultType();
        KeyStore keyStore = KeyStore.getInstance(keyStoreType);
        keyStore.load(null, null);
        keyStore.setCertificateEntry("ca", ca);
        String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
        tmf.init(keyStore);
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, tmf.getTrustManagers(), null);
        return sslContext;
    } catch (CertificateException e) {
        e.printStackTrace();
    } catch (IOException e) {
        e.printStackTrace();
    } catch (KeyStoreException e) {
        e.printStackTrace();
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    } catch (KeyManagementException e) {
        e.printStackTrace();
    }
    return null;
}

And here is how I implement it:

builder.sslSocketFactory(initTrustManager(context).getSocketFactory());

This is working code, so if you still get exceptions, pay attention to SSL certificate itself or make some changes inside api of server. Hope it helps))

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Will client JVM for a web service(https) throw an SSL Exception when the server is having a valid certificate from a CA? How to call the https get method on a self signed server and client certificate Java web service over https - How to add a self-signed certificate into a client api? how can i generate a web service proxy behind https and client certificate request How can I get a Netty server to reload a TLS certificate when it is renewed? TLS with client certificate failing handshake Certificate java client https download file withough storing file on server? How to give download functionality of file to client withought storing file on server? How to use wsimport when server expects client certificate? Android HTTPS Server - Client Authentication self-certificate
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM