带有受信任证书的SSLHandshakeException和KSaop2 HttpsTransportSE

Question

我的ksoap2 webservice和webService-client与HttpTransportSE配合得很好。现在，我想使用带有可信证书的SSL。为了在Tomcat SSL上使用webservice，我在Axis2.xml中添加了Https Transport Reciver，我认为webservice可以工作。这是我的SSL SSL服务：

<https://myURL.de:8443/WebProject_KomplexeObjekte_SSL/services/HelloWorldWS?wsdl>?

下一步是在我的客户端中将httptransportSE(URL)更改为httpstransportSE(主机、端口、文件、超时)。这是我的客户：

import org.ksoap2.SoapEnvelope;
import org.ksoap2.serialization.SoapObject;
import org.ksoap2.serialization.SoapSerializationEnvelope;
import org.ksoap2.transport.HttpTransportSE;
import org.ksoap2.transport.HttpsServiceConnectionSE;
import org.ksoap2.transport.HttpsTransportSE;

import android.app.Activity;
import android.os.Bundle;
import android.widget.TextView;

public class WSClientKomplexeObjekteActivity extends Activity {

private static final String SOAP_ACTION = "http://ws.chathura.com/getCategoryObject";
private static final String METHOD_NAME = "getCategoryObject";
private static final String NAMESPACE = "http://ws.chathura.com";
private static final String NAMESPACE2 = "http://ws.chathura.com/xsd";
private static final String HOST = "myURL.de";
private static final int PORT = 8443;
private static final String FILE = "/WebProject_KomplexeObjekte_SSL/services/HelloWorldWS?wsdl";
private static final int TIMEOUT = 1000;


/** Called when the activity is first created. */
@Override
public void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    setContentView(R.layout.main);

    TextView tv = (TextView)findViewById(R.id.textview1);


    SoapObject Request = new SoapObject(NAMESPACE, METHOD_NAME);
    Category C = new Category();
    C.setCategoryId(1);
    C.setDescription("Client Beschreibung");
    C.setName("Client Name"); 

    Request.addProperty("obj", C);

    SoapSerializationEnvelope envelope = new SoapSerializationEnvelope(SoapEnvelope.VER11);
    envelope.setOutputSoapObject(Request);
    envelope.addMapping(NAMESPACE2, C.getClass().getSimpleName(), C.getClass());

    HttpsTransportSE androidHttpsTransport = new HttpsTransportSE(HOST, PORT, FILE, TIMEOUT);

    Category ans = null;
    try {
        androidHttpsTransport.call(SOAP_ACTION, envelope);
        ans = (Category)envelope.getResponse();
        tv.setText("CategoryId: " + ans.getCategoryId() + "\nName: " + ans.getName() + "\nDescription: " + ans.getDescription()); 
    }
    catch(Exception e) {
        e.printStackTrace();
    }
}


}

现在我在Logcat中得到了这个异常：

W/System.err(619): javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

由于这个异常，我尝试包含一个密钥库，其中包含我的tomcat for ssl上使用的证书。你可以在注释中看到这段代码。那是没有成功的。我得到了以下异常：

E/AndroidRuntime(654): java.lang.RuntimeException: Unable to start activity ComponentInfo{de.bachelor.marcel/de.bachelor.marcel.WSClientKomplexeObjekteActivity}: java.lang.NullPointerException

Answer 1

好的..。我自己解决了这个问题。客户端代码不是问题所在。它工作得很好。唯一的问题是在服务器端。Android不信任我的服务器，因为我忘了包含根证书。所以如果你有同样的问题，你可以用http://www.sslshopper.com/ssl-checker.html#检查你的ssl服务器。

Answer 2

您可以使用此类绕过证书：

public class FakeX509TrustManager implements X509TrustManager {

    private static TrustManager[] trustManagers;
    private static final X509Certificate[] _AcceptedIssuers = new
            X509Certificate[] {};

    @Override
    public void checkClientTrusted(X509Certificate[] chain, String
            authType) throws CertificateException {
    }

    @Override
    public void checkServerTrusted(X509Certificate[] chain, String
            authType) throws CertificateException {
    }

    public boolean isClientTrusted(X509Certificate[] chain) {
        return true;
    }

    public boolean isServerTrusted(X509Certificate[] chain) {
        return true;
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return _AcceptedIssuers;
    }

    public static void allowAllSSL() {
        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier()
        {
            @Override
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }

        });

        SSLContext context = null;
        if (trustManagers == null) {
            trustManagers = new TrustManager[] { new FakeX509TrustManager() };
        }

        try {
            context = SSLContext.getInstance("TLS");
            context.init(null, trustManagers, new SecureRandom());
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (KeyManagementException e) {
            e.printStackTrace();
        }

        HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
    }

}