1. 首頁
  2. 問答
  3. Android上支持雙向SSL握手嗎?

Android上支持雙向SSL握手嗎?

2010-10-18 149 views
0

有沒有人有任何成功獲取Android設備參加雙向SSL hanshake?即與設備上涉及的客戶端證書?在從SD卡安裝客戶端證書之後 - 我無法連接到需要在瀏覽器或郵件應用程序中進行雙向SSL握手的URL。 (我們將郵件服務器保護在建立SSL連接的硬件設備後面)。Android上支持雙向SSL握手嗎?

設備只是拋出一個SSL握手錯誤。我們的設置適用於安裝了客戶端證書的所有桌面瀏覽器,iphones和WinMo設備。

這是從設備(2.1 HTC Desire的)錯誤日誌:

D/EAS_AppSvc( 422): 06021143 > testServer() 
D/EAS_AppSvc( 422): 06021143 > initEASService() 
V/EAS DeviceInfo( 422): GetDeviceID: 4020b869 
D/EAS_AppSvc( 422): 06021143 (1)connect to > https://serverxxx.com.au/Microsoft-Server-ActiveSync?User=u415434&DeviceId=HTCAnd4020b869&DeviceType=htcbravo 
I/AlertDialog( 422): [onCreate] auto launch SIP. 
D/EASProgressDialog( 422): 06021143 onStart() 
D/EAS_AppSvc( 422): 06021143 onServiceStateChanged :serviceState = 0 home Telstra Mobile (N/A) 50501 HSDPA CSS not supported -1 -1RoamInd: -1DefRoamInd: -1EriInd: -1EriMode: -1RadioPowerSv: false 
I/LockUtil( 422): 06021143 - acquire PowerLock - PARTIAL_WAKE_LOCK: EAS_NETWORK_CHANGE 
D/EAS_AppSvc( 422): 06021143 isWifiNetwork: false 
D/EAS_AppSvc( 422): 06021143 isWifiNetwork: false 
D/EAS_AppSvc( 422): 06021143 isMobileNetwork: true 
D/EAS_AppSvc( 422): 06021143 NETWORK_STATE_CHANGED: isWifi:false, isMobile:true 
D/EAS_AppSvc( 422): 06021143 SvcHandler - Account not configured 
I/LockUtil( 422): 06021143 - release PowerLock: EAS_NETWORK_CHANGE 
D/TelephonyRegistry( 81): notifyDataConnection() state=2isDataConnectivityPossible()true, reason=null 
D/TelephonyRegistry( 81): broadcastDataConnectionStateChanged() state=CONNECTEDtypes=default,supl, interfaceName=rmnet0 
D/NetworkLocationProvider( 81): onDataConnectionStateChanged 8 
D/MobileDataStateTracker( 81): replacing old mInterfaceName (rmnet0) with rmnet0 for supl 
D/PhoneApp( 145): mReceiver: ACTION_ANY_DATA_CONNECTION_STATE_CHANGED 
D/PhoneApp( 145): - state: CONNECTED 
D/PhoneApp( 145): - reason: null 
D/PendingMsgSendReceiverRegister( 372): onReceive, start to send QueuedMessage 
D/PendingMsgSendReceiverRegister( 372): SmsReceiverService_handleServiceStateChanged() sendFirstQueuedMessage >> 
D/PendingMsgSendReceiverRegister( 372): SmsReceiverService_handleServiceStateChanged() sendFirstQueuedMessage << 
V/MmsSystemEventReceiver( 372): Intent received: Intent { act=android.intent.action.ANY_DATA_STATE cmp=com.android.mms/.transaction.MmsSystemEventReceiver (has extras) } 
E/OpenSSLSocketImpl( 422): Unknown error 1 during connect 
W/System.err( 422): java.io.IOException: SSL handshake failure: Failure in SSL library, usually a protocol error 
W/System.err( 422): error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure (external/openssl/ssl/s3_pkt.c:1053 0x4b1778:0x00000003) 
W/System.err( 422): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.nativeconnect(Native Method) 
W/System.err( 422): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:305) 
W/System.err( 422): at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:92) 
W/System.err( 422): at com.htc.android.mail.eassvc.common.EASHostnameVerifier.verify(EASHostnameVerifier.java:34) 
W/System.err( 422): at com.htc.android.mail.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:242) 
W/System.err( 422): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:129) 
W/System.err( 422): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164) 
W/System.err( 422): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119) 
W/System.err( 422): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:348) 
W/System.err( 422): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555) 
W/System.err( 422): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487) 
W/System.err( 422): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465) 
W/System.err( 422): at android.net.http.AndroidHttpClient.execute(AndroidHttpClient.java:283) 
W/System.err( 422): at com.htc.android.mail.eassvc.EASAppSvc.testServer(EASAppSvc.java:3999) 
W/System.err( 422): at com.htc.android.mail.eassvc.EASAppSvc$2.testServer(EASAppSvc.java:600) 
W/System.err( 422): at com.htc.android.mail.easclient.ExchangeSvrSetting$TestServerThread.run(ExchangeSvrSetting.java:1188) 
I/EAS_AppSvc( 422): 06021143 testServer(), IOException(1): SSL handshake failure: Failure in SSL library, usually a protocol error 
I/EAS_AppSvc( 422): error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure (external/openssl/ssl/s3_pkt.c:1053 0x4b1778:0x00000003) 
V/EAS DeviceInfo( 422): GetDeviceID: 4020b869 
D/EAS_AppSvc( 422): 06021143 (2)connect to > https://serverxxx.com.au/Microsoft-Server-ActiveSync?User=u415434&DeviceId=HTCAnd4020b869&DeviceType=htcbravo 
E/OpenSSLSocketImpl( 422): Unknown error 1 during connect 
W/System.err( 422): java.io.IOException: SSL handshake failure: Failure in SSL library, usually a protocol error 
W/System.err( 422): error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure (external/openssl/ssl/s3_pkt.c:1053 0x3f9e10:0x00000003) 
W/System.err( 422): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.nativeconnect(Native Method) 
W/System.err( 422): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:305) 
W/System.err( 422): at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:92) 
W/System.err( 422): at com.htc.android.mail.eassvc.common.EASHostnameVerifier.verify(EASHostnameVerifier.java:34) 
W/System.err( 422): at com.htc.android.mail.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:242) 
W/System.err( 422): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:129) 
W/System.err( 422): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164) 
W/System.err( 422): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119) 
W/System.err( 422): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:348) 
W/System.err( 422): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555) 
W/System.err( 422): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487) 
W/System.err( 422): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465) 
W/System.err( 422): at android.net.http.AndroidHttpClient.execute(AndroidHttpClient.java:283) 
W/System.err( 422): at com.htc.android.mail.eassvc.EASAppSvc.testServer(EASAppSvc.java:3999) 
W/System.err( 422): at com.htc.android.mail.eassvc.EASAppSvc$2.testServer(EASAppSvc.java:600) 
W/System.err( 422): at com.htc.android.mail.easclient.ExchangeSvrSetting$TestServerThread.run(ExchangeSvrSetting.java:1188) 
I/EAS_AppSvc( 422): 06021143 testServer(), IOException(2): SSL handshake failure: Failure in SSL library, usually a protocol error 
I/EAS_AppSvc( 422): error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure (external/openssl/ssl/s3_pkt.c:1053 0x3f9e10:0x00000003) 
D/EASProgressDialog( 422): 06021143 onStop() 
V/HtcAlertDialog( 422): onStop 
I/HtcAlertDialog( 422): deinitSensor

來源

2010-10-18 mr_skater99

回答

0

安裝cert還真是使其可用於VPNWiFi,一般不會對所有的應用程序。

應用程序可以通過創建自己的SSLContext,並用KeyManager初始化它,如在此Java例如使用客戶端證書:SSLContext and KeyManager example通過SSLContext.getSocketFactory返回將提供握手期間從keystore客戶端證書的SSLSocketFactory

從您的堆棧跟蹤,好像你正在使用從HTC的電子郵件應用程序,我不知道他們是否支持客戶端證書,如果是的話,他們可能需要在應用程序中進行配置。我知道Android Market上提供的第三方應用程序Nitrodesk Touchdown支持客戶端證書,但在Froyo中的Android內置Exchange支持不支持。

來源

2010-11-16 21:46:20 bdc

+0

感謝BDC,我曾試圖達陣,提供和我得到完全相同的堆棧跟蹤。我們的設置不同之處在於SSL證書不是通過身份驗證交換來要求的,而是作爲SSL協商的一部分由硬件設備事先詢問。 ,盡我所能告訴它好像機器人進行SSL連接時使用客戶端證書從密鑰庫不支持。我在所有郵件應用程序中看到相同的行爲,並且如果我嘗試在手機瀏覽器中連接到OWA URL(受相同機制保護)。 – 2010-11-17 06:49:28

相關問題

 相關問題