大家好,又见面了,我是你们的朋友全栈君。
我试图在android中使用客户端证书。 我得到了一个.p12文件,我想用它来对服务器进行身份验证。如何在Android中使用p12证书(客户端证书)
我正在使用portecle将.p12文件转换为.bks文件,但我似乎没有得到它的工作。
下面的代码:
package com.pa1406.SECURE;
import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.SingleClientConnManager;
import android.content.Context;
public class HttpsClient extends DefaultHttpClient {
final Context context;
public HttpsClient(Context context) {
this.context = context;
}
@Override protected ClientConnectionManager createClientConnectionManager() {
SchemeRegistry registry = new SchemeRegistry();
registry.register(
new Scheme(“http”, PlainSocketFactory.getSocketFactory(), 80));
registry.register(
new Scheme(“https”,newSslSocketFactory(), 443));
return new SingleClientConnManager(getParams(), registry);
}
private SSLSocketFactory newSslSocketFactory() {
try {
KeyStore truststore = KeyStore.getInstance(“BKS”);
InputStream in = context.getResources().openRawResource(R.raw.keystore);
try {
truststore.load(in, “qwerty1234”.toCharArray());
} finally {
in.close();
}
return new SSLSocketFactory(truststore);
} catch (Exception e) {
throw new AssertionError(e);
}
}
}
我能做些什么来实现这一目标?
UPDATE:
package com.pa1406.SECURE;
import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.SingleClientConnManager;
import android.content.Context;
public class HttpsClient extends DefaultHttpClient {
final Context context;
public HttpsClient(Context context) {
this.context = context;
}
@Override protected ClientConnectionManager createClientConnectionManager() {
SchemeRegistry registry = new SchemeRegistry();
registry.register(
new Scheme(“http”, PlainSocketFactory.getSocketFactory(), 80));
registry.register(
new Scheme(“https”,newSslSocketFactory(), 443));
return new SingleClientConnManager(getParams(), registry);
}
private SSLSocketFactory newSslSocketFactory() {
try {
// setup truststore to provide trust for the server certificate
// load truststore certificate
InputStream clientTruststoreIs = context.getResources().openRawResource(R.raw.truststore);
KeyStore trustStore = null;
trustStore = KeyStore.getInstance(“BKS”);
trustStore.load(clientTruststoreIs, “qwerty1234”.toCharArray());
System.out.println(“Loaded server certificates: ” + trustStore.size());
// initialize trust manager factory with the read truststore
TrustManagerFactory trustManagerFactory = null;
trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustStore);
// setup client certificate
// load client certificate
InputStream keyStoreStream = context.getResources().openRawResource(R.raw.torbix);
KeyStore keyStore = null;
keyStore = KeyStore.getInstance(“BKS”);
keyStore.load(keyStoreStream, “qwerty1234”.toCharArray());
System.out.println(“Loaded client certificates: ” + keyStore.size());
// initialize key manager factory with the read client certificate
KeyManagerFactory keyManagerFactory = null;
keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, “qwerty1234”.toCharArray());
// initialize SSLSocketFactory to use the certificates
SSLSocketFactory socketFactory = null;
socketFactory = new SSLSocketFactory(SSLSocketFactory.TLS, keyStore, “qwerty1234”,
trustStore, null, null);
return socketFactory;
} catch (Exception e) {
throw new AssertionError(e);
}
}
}
2011-11-29
Bewn
发布者:全栈程序员-用户IM,转载请注明出处:https://javaforall.cn/148865.html原文链接:https://javaforall.cn
【正版授权,激活自己账号】: Jetbrains全家桶Ide使用,1年售后保障,每天仅需1毛
【官方授权 正版激活】: 官方授权 正版激活 支持Jetbrains家族下所有IDE 使用个人JB账号...