我跑openssl s_client -connect mywishboard.com:443 | openssl x509 -noout -subject -issuer
,我得到以下有關證書的信息(由客戶端開發人員設置好的)Android不信任證書
depth=2 C = IL, O = StartCom Ltd., OU = Secure Digital Certificate Signing, CN = StartCom Certification Authority
verify return:1
depth=1 C = IL, O = StartCom Ltd., OU = StartCom Certification Authority, CN = StartCom Class 1 DV Server CA
verify return:1
depth=0 CN = mywishboard.com
verify return:1
subject= /CN=mywishboard.com
issuer= /C=IL/O=StartCom Ltd./OU=StartCom Certification Authority/CN=StartCom Class 1 DV Server CA
然後我檢查去Settings/system/trusted certificats
,看到StartCom有限公司是其中
然而,當我特林讓HTTPS請求,他們拋出
javax.net.ssl.SSLHandshakeException:
java.security.cert.CertPathValidatorException:
Trust anchor for certification path not found
如果我使用捲曲-I https://mywishboard.com/xxx
,它返回
curl: (60) server certificate verification failed. CAfile: /etc/ssl
/certs/ca-certificates.crt CRLfile: none
是該證書的格式不正確,或者我需要明確地將其安裝到Android設備?(但據我瞭解,如果證書與信任的CA發行人簽署的,比我並不需要安裝它,我是右)
CA不是StarCom是GoDaddy ..再次檢查證書。 – vzamanillo
@vzamanillo剛剛檢查:'issuer =/C = IL/O = StartCom Ltd./OU=StartCom證書頒發機構/ CN = StartCom Class 1 DV Server CA'或者我檢查的方式錯誤? (我使用openssl s_client -connect mywishboard.com:443) – Yarh
只需簡單地連接到https URL,無需端口並再次檢查證書 – vzamanillo