问题
I use a hosting with a self-signed certificate. So I downloaded the certificate from my domain https://www.marpel.cz/ and created .bks file using http://portecle.sourceforge.net/.
I need to establish the https connection and retrieve data from my webservice. I use ksoap2 library. I have copied and used a class ConnectionWithSelfSignedCertificate stated in ksoap2 wiki.
This is the way I create a keyStore
MainActivity.java
// Get an instance of the Bouncy Castle KeyStore format
try {
this.keyStore = KeyStore.getInstance("BKS");
} catch (KeyStoreException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
// Get the raw resource, which contains the keystore with
// your trusted certificates (root and any intermediate certs)
InputStream in = this.getApplicationContext().getResources().openRawResource(R.raw.myCer);
try {
// Initialize the keystore with the provided trusted certificates
// Also provide the password of the keystore
this.keyStore.load(in, "myPass".toCharArray());
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}finally {
try {
in.close();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
try {
this.sslSocketFactory = new ConnectionWithSelfSignedCertificate(this.keyStore).getSSLSocketFactory();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
And this is a code from AsyncTask
background task
final HttpsTransportSE transportSE = new HttpsTransportSE(URL, PORT, SERVICE, TIMEOUT);
try {
((HttpsServiceConnectionSE) transportSE.getServiceConnection()).setSSLSocketFactory(this.sslSocketFactory);
} catch (IOException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
If I call transportSE.call(SOAP_ACTION, envelope); I get IOException, Hostname 'www.marpel.cz' was not verified. What do I do wrong?
I have an ICS 4.1.2 device.
回答1:
Firstly, do you use self signed certificate?
If yes, then follow this link: android-webservices-via-ksoap2-https
You need extra classes for creating https connection and accepting of the certificate. When everything is prepared, you can call your transportSE.
回答2:
The code in my first post works fine. I have found out that the self-signed certificate was issued for different domain. I fixed the certificate and everything works fine.
The fixed certificate runs here https://www.marpel.cz:445/
Thank you, Martin.
来源:https://stackoverflow.com/questions/15005360/self-signed-certificate