1. 首頁
  2. 問答
  3. Android SSLSocket#getInputstream()在早期版本的Android 6.0上引發HandshakeException

Android SSLSocket#getInputstream()在早期版本的Android 6.0上引發HandshakeException

2016-11-22 89 views
0

在我的應用程序中,我需要處理SSLSocket。 我有這個代碼正在Android6.0及以上,當我上運行的Android版本5 +相同的代碼我得到HandshakeExceptionAndroid SSLSocket#getInputstream()在早期版本的Android 6.0上引發HandshakeException

private void openSSLSocket(String mHost, int mPort){ 
    try { 
     SocketFactory sf = SSLSocketFactory.getDefault(); 
     mSocket = (SSLSocket) sf.createSocket(mHost, mPort); 
     mSocket.setEnabledProtocols(new String[]{"TLSv1"}); 
     mInputStream = mSocket.getInputStream(); 
     mOutputStream = mSocket.getOutputStream(); 

     mSocket.setSoTimeout(0); 

    }catch (Exception e){ 
     e.printStackTrace(); 
    } 
}

我已閱讀上的Android開發者網站this文章和實施下面的代碼中,我得到了服務器管理員

private void openSSLSocketWithCA(String mHost, int mPort) { 
    try{ 

     // Load CAs from an InputStream 
     // (could be from a resource or ByteArrayInputStream or ...) 
     CertificateFactory cf = CertificateFactory.getInstance("X.509"); 
     // From https://www.washington.edu/itconnect/security/ca/load-der.crt 

     InputStream caInput = am.open("star_******_chained.crt"); 

     Certificate ca; 
     try { 
      ca = cf.generateCertificate(caInput); 
      System.out.println("ca=" + ((X509Certificate) ca).getSubjectDN()); 
     } finally { 
      caInput.close(); 
     } 

     // Create a KeyStore containing our trusted CAs 
     String keyStoreType = KeyStore.getDefaultType(); 
     KeyStore keyStore = KeyStore.getInstance(keyStoreType); 
     keyStore.load(null, null); 
     keyStore.setCertificateEntry("ca", ca); 

     // Create a TrustManager that trusts the CAs in our KeyStore 
     String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm(); 
     TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm); 
     tmf.init(keyStore); 

     // Create an SSLContext that uses our TrustManager 
     SSLContext context = SSLContext.getInstance("TLS"); 
     context.init(null, tmf.getTrustManagers(), null); 

     SSLSocketFactory sf = context.getSocketFactory(); 
     mSocket = (SSLSocket) sf.createSocket(mHost, mPort); 
     mSocket.setEnabledProtocols(new String[]{"TLSv1"}); 
     mInputStream = mSocket.getInputStream(); 
     mOutputStream = mSocket.getOutputStream(); 

     mSocket.setSoTimeout(0); 
    }catch (Exception e){ 
     e.printStackTrace(); 
    } 
}

即使再調用mSocket.getInputStream()時,我得到HandshakeException的.crt文件;方法

這裏是日誌

W/System.err: javax.net.ssl.SSLHandshakeException: Handshake failed 
W/System.err:  at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:374) 
W/System.err:  at com.android.org.conscrypt.OpenSSLSocketImpl.waitForHandshake(OpenSSLSocketImpl.java:598) 
W/System.err:  at com.android.org.conscrypt.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java:560) 
W/System.err:  at *******.***.*******.common.CometSocketApi.openSSLSocketWithCA(CometSocketApi.java:464)

來源

2016-11-22 Varun Narisetty

+0

的Java鑽進'即使在請求了「TLS」時也是如此(請參閱:SSLContext context = SSLContext.getInstance(「TLS」);')。我猜Android 5允許與Oracle Java和SSLv3一致;而Android 6停止了這個包並且不允許它(但它只是一個猜測)。您可以嘗試在[哪些密碼套件啓用SSL套接字?]提供的SSLSocketFactoryEx'(http://stackoverflow.com/a/23365536/608639) – jww

+0

@jww感謝您的評論我已經嘗試過您的建議,但沒有運氣。 –

回答

0

了很多網絡搜索後。我已經登陸這個頁面上Updating security provider 最後,這種解決方案爲我

我稱這段代碼中的onCreate我的主要活動

try { 
     ProviderInstaller.installIfNeeded(this); 
    } catch (GooglePlayServicesRepairableException e) { 
     GooglePlayServicesUtil.getErrorDialog(e.getConnectionStatusCode(), callingActivity, 0); 
    } catch (GooglePlayServicesNotAvailableException e) { 
     Log.e("SecurityException", "Google Play Services not available."); 
    }

的這解決了我的問題

來源

2016-12-20 19:45:34

相關問題

 相關問題