2017-02-23 80 views
0

我正在爲正在嘗試創建的https連接輸入密鑰庫。但是,我得到錯誤java.security.cert.CertPathValidatorException:未找到證書路徑的信任錨。在使用該方法如下:android java.security.cert.CertPathValidatorException:未找到證書路徑的信任錨點

public HttpsURLConnection setUpHttpsConnection() 
{ 
    String HttpMessage=""; 
    int HttpResult=0; 
    HttpsURLConnection urlConnection=null; 
    try 
    { 
     Log.i("status","inside method.."); 

     InputStream caInput = getAssets().open("myapp_key.p12"); 
     KeyStore keyStore = KeyStore.getInstance("PKCS12"); 
     String pfxPassword = "test123"; // change it to the correct password 
     keyStore.load(caInput, pfxPassword.toCharArray()); 
     String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm(); 
     TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm); 
     tmf.init(keyStore); 

     TrustManager[] trustManagers = tmf.getTrustManagers(); 
     final X509TrustManager origTrustmanager = (X509TrustManager)trustManagers[0]; 

     TrustManager[] wrappedTrustManagers = new TrustManager[]{ 
       new X509TrustManager() { 
        public java.security.cert.X509Certificate[] getAcceptedIssuers() { 
         return origTrustmanager.getAcceptedIssuers(); 
        } 

        public void checkClientTrusted(X509Certificate[] certs, String authType) throws CertificateException { 
         origTrustmanager.checkClientTrusted(certs, authType); 
        } 

        public void checkServerTrusted(X509Certificate[] certs, String authType) throws CertificateException { 
         try { 
          origTrustmanager.checkServerTrusted(certs, authType); 
         } catch (CertificateExpiredException e) { 
          e.printStackTrace(); 
         } 
        } 
       } 
     }; 

     SSLContext sc = SSLContext.getInstance("TLS"); 
     sc.init(null, wrappedTrustManagers, null); 

     // Tell the URLConnection to use a SocketFactory from our SSLContext 
     urlConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); 
     URL url = new URL("https://sandbox.api.visa.com/visadirect/mvisa/v1/merchantpushpayments/"); 
     urlConnection =(HttpsURLConnection)url.openConnection(); 
     urlConnection.setDoOutput(true); 
     urlConnection.setRequestMethod("POST"); 
     urlConnection.setRequestProperty("Content-Type", "application/json"); 
     urlConnection.setRequestProperty("Authorization", "SYZK9LIO98QIQNQ27H6921fgRyt63FHIxrQP76m0hNYT6BZ7I:pB1g5XX3Hw58buPENR03ZM4Vgm7P"); 
     InputStream in = urlConnection.getInputStream(); 
     BufferedReader reader = new BufferedReader(new InputStreamReader(in)); 
     String res = reader.toString(); 
     System.out.println(res); 




    }catch(SSLHandshakeException he){ 
     he.printStackTrace(); 
    } 
    catch (Exception ex) 
    { 
     Log.e("error", "Failed to establish SSL connection to server: " + ex.toString()); 
     return null; 
    } 
    return urlConnection; 
} 

這是錯誤:

02-23 14:33:10.641 27643-28086/com.eva.mvisa W/System.err: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. 
02-23 14:33:10.641 27643-28086/com.eva.mvisa W/System.err:  at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:306) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.android.okhttp.Connection.upgradeToTls(Connection.java:197) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.android.okhttp.Connection.connect(Connection.java:151) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:276) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:211) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.android.okhttp.internal.http.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:373) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.android.okhttp.internal.http.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:323) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.android.okhttp.internal.http.HttpURLConnectionImpl.getInputStream(HttpURLConnectionImpl.java:190) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.android.okhttp.internal.http.DelegatingHttpsURLConnection.getInputStream(DelegatingHttpsURLConnection.java:210) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.android.okhttp.internal.http.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:25) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.eva.mvisa.activities.PayMerchant.setUpHttpsConnection(PayMerchant.java:515) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.eva.mvisa.activities.PayMerchant$PayMerchantAsync.doInBackground(PayMerchant.java:238) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.eva.mvisa.activities.PayMerchant$PayMerchantAsync.doInBackground(PayMerchant.java:170) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at android.os.AsyncTask$2.call(AsyncTask.java:288) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at java.util.concurrent.FutureTask.run(FutureTask.java:237) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:231) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at java.lang.Thread.run(Thread.java:818) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err: Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:318) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:209) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.eva.mvisa.activities.PayMerchant$4.checkServerTrusted(PayMerchant.java:495) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:115) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:525) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err:  at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:302) 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err: ... 18 more 
02-23 14:33:10.651 27643-28086/com.eva.mvisa W/System.err: Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. 

回答

0

檢查證書鏈。鏈中的所有證書都可用,還是需要額外下載?

我在我的應用程序中有同樣的消息,並注意到我的鏈缺少中間證書。一旦我把它放在我的.pem文件中,我的問題就解決了。

使用https://www.ssllabs.com來檢查您的應用程序。

+0

請參閱此處 - https://developer.android.com/training/articles/security-ssl.html#HttpsExample – Mortensummer

相關問題