Hello,
I have configured a Tomcat web server with SSL and client authentication.
So I need a clientKey.p12 file to visit the site. If I import the key
into Firefox, it works fine.
So I tried to develop a client in "normal" Java. That works:
-----------
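import java.net.URL;

import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.protocol.Protocol;
// AuthSSLProtocolSocketFactory comes from the Commons HttpClient 3.x contrib
// sources; import it from wherever it lives in the project.

// Class wrapper added so the fragment compiles; the name is arbitrary.
public class JavaClient {
    final static String KEYSTORE_FILE =
            "file:///C:/Programme/Java/jdk1.6.0_13/bin/clientKey.p12";
    final static String PASSWORD = "rAtIoNaLcLiEnT";

    public static void main(String[] args) throws Exception {
        // The same PKCS#12 file is passed as both key store and trust store.
        Protocol authhttps = new Protocol("https",
                new AuthSSLProtocolSocketFactory(new URL(KEYSTORE_FILE), PASSWORD,
                        new URL(KEYSTORE_FILE), PASSWORD), 8443);
        HttpClient client = new HttpClient();
        client.getHostConfiguration().setHost("localhost", 8443, authhttps);
        GetMethod httpget = new GetMethod(
                "/Head/android/services/login.do?user=Jaeck&password=asd");
        int statuscode = client.executeMethod(httpget);
        if (statuscode == 200) {
            String xmlResponse = httpget.getResponseBodyAsString();
            System.out.println(xmlResponse);
        } else {
            System.err.println("Statuscode: " + statuscode);
            System.err.println("Fehler beim Aufruf des Webservice");
        }
    }
}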
-----------
Now I am trying to develop a client on Android and I am going crazy....
Here are my two Android implementations:
-----------
boolean first = true;
KeyStore key = KeyStoreHelper.getKeyStore(getApplication());
if (first) {
    // Variant 1: Apache HttpClient with an SSLSocketFactory built from the key store
    SSLSocketFactory sslSocketFactory = new SSLSocketFactory(key, "rAtIoNaLcLiEnT");
    HttpParams parameters = new BasicHttpParams();
    SchemeRegistry schemeRegistry = new SchemeRegistry();
    // sslSocketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    schemeRegistry.register(new Scheme("https", sslSocketFactory, 8443));
    ClientConnectionManager manager =
            new ThreadSafeClientConnManager(parameters, schemeRegistry);
    HttpClient httpClient = new DefaultHttpClient(manager, parameters);
    httpClient.getParams().setParameter("http.connection.timeout", new Integer(3000));
    HttpGet ping = new HttpGet("https://192.168.0.22:8443");
    HttpResponse response = httpClient.execute(ping);
    int status = response.getStatusLine().getStatusCode();
    if (status == 200) {
        // Read the response body one byte at a time and log it
        InputStream content = response.getEntity().getContent();
        int c = -1;
        StringBuffer buffer = new StringBuffer();
        while ((c = content.read()) != -1) {
            buffer.append((char) c);
        }
        content.close();
        Log.i("EXAMPLE", buffer.toString());
    } else {
        Log.i("EXAMPLE", status + "");
    }
} else {
    // Variant 2: plain JSSE socket; the same key store supplies both the
    // key material and the trust material
    KeyManagerFactory kmf = KeyManagerFactory.getInstance("X509");
    kmf.init(key, "rAtIoNaLcLiEnT".toCharArray());
    TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
    tmf.init(key);
    SSLContext sc = SSLContext.getInstance("TLS");
    sc.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new SecureRandom());
    javax.net.ssl.SSLSocketFactory f = sc.getSocketFactory();
    SSLSocket c = (SSLSocket) f.createSocket("192.168.0.22", 8443);
    c.startHandshake();
    BufferedReader r = new BufferedReader(new InputStreamReader(c.getInputStream()));
}
-----------
I always get the following exception:
java.io.IOException: SSL handshake failure: Failure in SSL library, usually a protocol error
error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate (external/openssl/ssl/s3_pkt.c:1053 0x1be510:0x00000003)
    at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.nativeconnect(Native Method)
    at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:308)
    at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:92)
    at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:321)
    at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:129)
    at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
    at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
    at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:348)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
    at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)
    at de.rdgrational.marc.client.MarcClient.onCreate(MarcClient.java:96)
    at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1123)
    at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2231)
    at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2284)
    at android.app.ActivityThread.access$1800(ActivityThread.java:112)
    at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1692)
    at android.os.Handler.dispatchMessage(Handler.java:99)
    at android.os.Looper.loop(Looper.java:123)
    at android.app.ActivityThread.main(ActivityThread.java:3948)
    at java.lang.reflect.Method.invokeNative(Native Method)
    at java.lang.reflect.Method.invoke(Method.java:521)
    at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:782)
    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:540)
    at dalvik.system.NativeStart.main(Native Method)
But the key is the same one that I use for the "normal" Java client and
for the import into Firefox. So the key is valid.
But it is signed by me... I don't want to have it signed by a commercial
company like VeriSign.
Does anybody have an idea?
Thanks for help...
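
An added example, not part of the original post: a plain JSSE client for the setup described above (TLS client authentication with self-signed certificates). It keeps the client identity (the PKCS#12 file) and the trusted server certificate in separate stores and first checks that the identity store really holds a private-key entry with a certificate chain. The class name, the argument order and the `server.crt` file (the server's certificate exported as X.509) are assumptions.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.Collections;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

// Added example; class name, argument order and file names are assumptions.
public class MutualTlsClient {
    // usage: java MutualTlsClient clientKey.p12 <password> server.crt <host> <port>
    public static void main(String[] a) throws Exception {
        char[] pw = a[1].toCharArray();

        // 1. Client identity: the PKCS#12 file must hold a private-key entry.
        KeyStore identity = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(a[0])) { identity.load(in, pw); }
        boolean hasKey = false;
        for (String alias : Collections.list(identity.aliases())) {
            Certificate[] chain = identity.getCertificateChain(alias);
            System.out.println(alias + " keyEntry=" + identity.isKeyEntry(alias)
                    + " chainLength=" + (chain == null ? 0 : chain.length));
            hasKey |= identity.isKeyEntry(alias);
        }
        if (!hasKey) throw new IllegalStateException("no private key in " + a[0]);
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(identity, pw);

        // 2. Trust: only the self-signed server certificate, in its own store.
        KeyStore trust = KeyStore.getInstance(KeyStore.getDefaultType());
        trust.load(null, null);
        try (InputStream in = new FileInputStream(a[2])) {
            trust.setCertificateEntry("server",
                    CertificateFactory.getInstance("X.509").generateCertificate(in));
        }
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trust);

        // 3. Handshake: the server certificate is validated against the trust store.
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        try (SSLSocket s = (SSLSocket) ctx.getSocketFactory()
                .createSocket(a[3], Integer.parseInt(a[4]))) {
            s.startHandshake();
            System.out.println("negotiated " + s.getSession().getCipherSuite());
        }
    }
}
```

A raw `SSLSocket` validates the certificate chain but does not check the host name; here trust is limited to the single certificate loaded in step 2.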