從Android Lollipop 5.0開始,我無法通過SSL或TLSv1與服務器(X509TrustManager)通信
[英]Since Android Lollipop 5.0 I am not able to communicate to server (X509TrustManager) via SSL or TLSv1
問題描述
我希望有人可以在這里幫助我。 從Android Lollipop 5.0開始,我無法通過SSL與服務器(X509TrustManager)進行通信。 該應用似乎進入了無限循環,試圖建立握手。 這是我的代碼:
SSLContext sc;
SSLSocket sslsock;
Socket sock;
// Constructor
RfbProto(String h, int p) throws IOException{
host = h;
port = p;
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType){}
public void checkServerTrusted(X509Certificate[] certs, String authType){}
}
};
try {
sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
} catch (Exception e) { }
sock = new Socket();
sock.connect(new InetSocketAddress(host, port), 5000);
sock.setSoTimeout(10000);
SSLSocketFactory factory = (SSLSocketFactory)sc.getSocketFactory();
sslsock = (SSLSocket)factory.createSocket(sock, null, 0, false);
is = new DataInputStream(new BufferedInputStream(sock.getInputStream(), 16384));
os = sock.getOutputStream();
timing = false;
timeWaitedIn100us = 5;
timedKbits = 0;
}
public void enableSSL() throws IOException{
this.sslEnabled = true;
final SSLSocket fSock = sslsock;
sslsock.addHandshakeCompletedListener(new HandshakeCompletedListener() {
@Override
public void handshakeCompleted(HandshakeCompletedEvent event) {
try {
Certificate[] peerCertificates = event.getPeerCertificates();
if (peerCertificates.length > 0) {
serverCertificate = (X509Certificate)peerCertificates[0];
}
is = new DataInputStream(new BufferedInputStream(fSock.getInputStream(), 16384));
os = fSock.getOutputStream();
} catch (SSLPeerUnverifiedException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
});
try {
fSock.startHandshake();
} catch (IOException e) {
e.printStackTrace();
}
}
查看Android 5.0的更改 ,TLS / SSL默認配置中有一些更改,但是我不確定從哪里開始。 任何幫助,將不勝感激
1 個解決方案
解決方案1
0 2015-01-09 13:33:55
嘗試強制TLSv1握手。 由於最后一次SSL被認為是易受攻擊的(POODLE),並且在許多服務器中應用程序被禁用(例如,所有付款組織,如Visa / MasterCard)。
如何使用X509TrustManager驗證android.net.http.SslCertificate?
[英]How do I validate an android.net.http.SslCertificate with an X509TrustManager?
如何修復 Android 應用程序中 X509TrustManager 警告的不安全實現
[英]How to fix unsafe implementation of X509TrustManager warrning in Android app
X509TrustManager-未調用checkServerTrusted-是否緩存了受信任的服務器證書或是否有獲取證書鏈的方法?
[英]X509TrustManager - checkServerTrusted not called - is trusted server cert cached or is there a way to get certificate chain?
X509TrustManager 是否在每個 Android 應用程序會話中只檢查一次 API 請求?
[英]Does X509TrustManager check API requests only one time per Android Application session?
如何修復使用 Unity 3D Android X509TrustManager 制作的游戲被 google play 拒絕?
[英]How to fix game made with Unity 3D Android X509TrustManager rejected by google play?
模擬安全警報的解決方案 - X509TrustManager的不安全實現
[英]Simulate the solution for Security Alert - unsafe implementation of X509TrustManager
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.
相關問題
盡管自定義 X509TrustManager,但 SSL 握手異常
Android X509TrustManager應用程序拒絕谷歌播放
如何使用X509TrustManager驗證android.net.http.SslCertificate?
X509TrustManager提醒GooglePlay
如何修復 Android 應用程序中 X509TrustManager 警告的不安全實現
X509TrustManager-未調用checkServerTrusted-是否緩存了受信任的服務器證書或是否有獲取證書鏈的方法?
X509TrustManager 是否在每個 Android 應用程序會話中只檢查一次 API 請求?
如何修復使用 Unity 3D Android X509TrustManager 制作的游戲被 google play 拒絕?
您正在使用X509TrustManager的不安全實現
模擬安全警報的解決方案 - X509TrustManager的不安全實現
相關標簽