Android 問題解決:Caused by: java.security.cert.CertificateException

原創 archi-dreamer 2018-08-26 09:31

今天在調試Android 程序中,使用Https 協議訪問server失敗,出現
Caused by: java.security.cert.CertificateException的錯誤提示,具體的logcat 打印的出錯信息如下:

11-28 17:00:30.546: W/System.err(6562): Caused by: java.security.cert.CertificateException: com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException: Could not validate certificate: current time: Mon Nov 28 17:00:30 格林尼治標準時間+0800 2016, expiration time: Wed Nov 21 07:48:32 格林尼治標準時間+0800 2012
11-28 17:00:30.546: W/System.err(6562):     at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:296)
11-28 17:00:30.546: W/System.err(6562):     at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:197)
11-28 17:00:30.546: W/System.err(6562):     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:584)
11-28 17:00:30.546: W/System.err(6562):     at org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSL_do_handshake(Native Method)
11-28 17:00:30.546: W/System.err(6562):     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:378)
11-28 17:00:30.546: W/System.err(6562):     ... 13 more

這裏的比較明顯提示了錯誤原因: Https 連接時SSL 證書握手認證出現了錯誤, 那麼怎麼解決呢?

通過網絡各種查找,終於得以解決,在此記錄,分享一下經驗:

解決辦法:忽略證書驗證,具體實現如下:

//忽略 https 證書驗證  
if (url.getProtocol().toUpperCase().equals("HTTPS")) {  
    trustAllHosts();  
    HttpsURLConnection httpsCont = (HttpsURLConnection) url.openConnection();  
    https.setHostnameVerifier(HttpIgnoreSSL.DO_NOT_VERIFY);  
    connection = httpsCont;  
} else {  
    connection = (HttpURLConnection) url.openConnection();  
} 

// Create a trust manager that does not validate certificate chains, Android use X509 cert
public static void trustAllHosts() 
{      
    TrustManager[] trustAllCerts = new TrustManager[] { 
        new X509TrustManager() {  
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {  
            return new java.security.cert.X509Certificate[] {};  
        }  

        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {  
    }  

        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {  
        }  
    } 
};  

    // Install the all-trusting trust manager  
    try {  
        SSLContext sc = SSLContext.getInstance("TLS");  
        sc.init(null, trustAllCerts, new java.security.SecureRandom());  
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());  
    } catch (Exception e) {  
        e.printStackTrace();  
    }  
}

public final static HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {  
    public boolean verify(String hostname, SSLSession session) {  
        return true;  
    }  
};
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章

Android消息處理機制(Handler、Looper、MessageQueue與Message)

archi-dreamer 2018-08-26 09:31:03

談談Android裏的Context的使用!

archi-dreamer 2018-08-26 09:31:01

Android Studio系列教程--Gradle基礎

archi-dreamer 2018-08-26 09:31:01

博客搬家了,謝謝你的瀏覽

修真代码 2018-08-24 09:38:56