【发布时间】:2012-11-13 13:33:45
【问题描述】:
连接到 SSL WebServices Apache Tomcat 时出现问题,Java SE 客户端连接正常,但 Android 客户端不想连接并显示以下错误之一:1.“未满足安全要求 - 中无安全标头消息”, 2. “Java.lang.RuntimeException: java.lang.RuntimeException: 错误: 0407006A: rsa 例程: RSA_padding_check_PKCS1_type_1: 块类型不是 01 (SHA-1) . "为了连接,我描述了以下代码:
private SSLSocketFactory getSSLSocketFactory() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
KeyStore trusted = KeyStore.getInstance("PKCS12");
InputStream in = activity.getResources().openRawResource(R.raw.client_keystore);
try {
trusted.load(in, "blablabla".toCharArray());
} catch (CertificateException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} finally {
try {
in.close();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
tmf.init(trusted);
SSLContext context = SSLContext.getInstance("SSLv3");
context.init(null, tmf.getTrustManagers(), null);
return context.getSocketFactory();
}
public String SendRecieveMessage(String xmlData, String nameXML, String methodName, String methodAction) {
HttpsTransportSE httpTransport = new KeepAliveHttpsTransportSE("hostname", 8443, "/blablabla/blablabla?wsdl", 1000);
SoapSerializationEnvelope envelope = new SoapSerializationEnvelope(SoapEnvelope.VER11);
SoapObject request = new SoapObject(activity.getResources().getString(R.string.SOAP_NAMESPACE), methodName); // set
// request
Log.e("Sending SOAP", xmlData);
String base64 = base64Coder.encodeString(xmlData);
request.addProperty(nameXML, base64);
envelope.setOutputSoapObject(request); // prepare request
try {
((HttpsServiceConnectionSE) httpTransport.getServiceConnection()).setSSLSocketFactory(getSSLSocketFactory());
} catch (KeyManagementException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (KeyStoreException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (NoSuchAlgorithmException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (IOException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
SoapPrimitive result = null;
try {
httpTransport.call(methodAction, envelope);
result = (SoapPrimitive) envelope.getResponse(); // get
if (result != null) {
base64 = base64Coder.decodeString(result.toString());
} else {
base64 = null;
}
} catch (IOException e) {
// TODO Auto-generated catch block
Log.e("ERROR", "SOAPSendRecieve: " + e.getMessage());
base64 = null;
} catch (XmlPullParserException e) {
// TODO Auto-generated catch block
Log.e("ERROR", "SOAPSendRecieve: " + e.getMessage());
base64 = null;
} catch (IllegalArgumentException e) {
Log.e("ERROR", "SOAPSendRecieve: " + e.getMessage());
base64 = null;
}
} finally {
request = null;
result = null;
}
return base64;
}
由 blablabla.jks 中的服务器转换为 blablabla.pfx (PKCS # 12),我尝试使用两个程序:“KeyStore Explorer”和“Portecle”,还尝试了格式“BKS”,结果相同,SSL官网Example中描述的kSOAP2,可能是什么问题,是因为不正确或者客户端可能是服务器设置有问题而导致的错误?
请求和响应转储示例:
【问题讨论】:
-
你能发布完整的堆栈跟踪吗?看起来证书可能没有正确解析,PKCS#12 文件中的内容是什么?
-
贴出dump kSOAP2,在Tomcat Catalina的日志中,我看到客户端在尝试连接,但是在web服务的日志中是空的,从dump看,Tomcat不理解客户端就可以了不明白为什么...
-
如果您无法建立 SSL 连接,则请求永远不会到达 Web 服务器。你能显示客户端(Android)的完整堆栈跟踪吗?
-
问题解决了,服务器部署了库WSIT,需要保护Security Header,即“User”和“Password”,一个SOAP消息,因为我没有指定这些参数,服务器我没有连接邮件标题中描述的给予谢谢。
-
酷,很高兴你能成功。仍然
RSA_padding_check_PKCS1_type_1: block type is not 01 (SHA-1)错误似乎无关。你是怎么修的?
标签: android ssl ksoap2 certificate self-signed