I tried connect to my JAX-WS service over SSL. Without SSL all works.
Method in AsyncTask:
HttpsTransportSE androidHttpTransport = new HttpsTransportSE("10.0.2.2", 8181, "/Server/?wsdl", 10000);
((HttpsServiceConnectionSE) androidHttpTransport.getServiceConnection()).setSSLSocketFactory(trustAllHosts()
.getSocketFactory());
//androidHttpTransport.debug=true;
androidHttpTransport.call(getSoapAction(method), envelope);
Get SSLContext
public SSLContext allowAllSSL() {
SSLContext context = null;
TrustManager[] trustManagers = null;
try{
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore keyStore = KeyStore.getInstance("pkcs12");
InputStream in = cntx.getResources().openRawResource(R.raw.client_keystore);
try {
keyStore.load(in, "password".toCharArray());
} catch (CertificateException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} finally {
in.close();
}
tmf.init(keyStore);
if (trustManagers == null) {
trustManagers = new TrustManager[] { new FakeX509TrustManager() };
}
try {
context = SSLContext.getInstance("SSL");
context.init(null, tmf.getTrustManagers(), new SecureRandom());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
}catch(Exception ex)
{
Log.e(TAG,"allowAllSSL failed: "+ex.toString());
}
return context;
}
I get this error log:
12-18 07:51:42.161: E/Example:LogOnAsync(3161): doInBackground failed: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
12-18 07:51:42.161: W/System.err(3161): javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
12-18 07:51:42.169: W/System.err(3161): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:401)
12-18 07:51:42.169: W/System.err(3161): at libcore.net.http.HttpConnection.setupSecureSocket(HttpConnection.java:209)
12-18 07:51:42.169: W/System.err(3161): at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.makeSslConnection(HttpsURLConnectionImpl.java:478)
12-18 07:51:42.169: W/System.err(3161): at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:433)
I'm found ask on my question: In MainAsync:
HttpsTransportSE androidHttpTransport = new HttpsTransportSE(10.0.2.2, 8181, "/server/?wsdl", 10000);
((HttpsServiceConnectionSE) androidHttpTransport.getServiceConnection()).setSSLSocketFactory(trustAllHosts().getSocketFactory());
protected SSLContext trustAllHosts()
{
return allowAllSSL();
}
public SSLContext allowAllSSL() {
SSLContext context = null;
TrustManager[] trustManagers = null;
KeyManagerFactory mgrFact;
try{
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
mgrFact = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
KeyStore keyStore = KeyStore.getInstance("pkcs12");
InputStream in = cntx.getResources().openRawResource(R.raw.keystore);
try {
keyStore.load(in, "password".toCharArray());
mgrFact.init(keyStore, "password".toCharArray());
} catch (CertificateException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} finally {
in.close();
}
tmf.init(keyStore);
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier()
{
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
if (trustManagers == null) {
trustManagers = new TrustManager[] { new FakeX509TrustManager() };
}
final TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
System.out.println("getAcceptedIssuers");
return null;
}
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
System.out.println("Сведения о сертификате : " + chain[0].getIssuerX500Principal().getName() + "\n Тип авторизации : " + authType);
}
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
System.out.println("checkClientTrusted : " + authType);
}
} };
//tmf.getTrustManagers()
try {
context = SSLContext.getInstance("TLS");
context.init(mgrFact.getKeyManagers(), trustAllCerts, new SecureRandom());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
}catch(Exception ex)
{
Log.e(TAG,"allowAllSSL failed: "+ex.toString());
}
return context;
}
来源:https://stackoverflow.com/questions/20658849/android-ksoap2-ssl-java-security-cert-certpathvalidatorexception