【发布时间】:2018-06-05 11:04:53
【问题描述】:
我正在尝试使用 kSoap2 和 EasyWSDL 将我的 Android 应用程序连接到受 TLS 保护的 SOAP 端点,但出现以下异常:
W/System.err: javax.net.ssl.SSLHandshakeException: Connection closed by peer
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:351)
at com.android.okhttp.internal.io.RealConnection.connectTls(RealConnection.java:192)
at com.android.okhttp.internal.io.RealConnection.connectSocket(RealConnection.java:149)
W/System.err: at com.android.okhttp.internal.io.RealConnection.connect(RealConnection.java:112)
at com.android.okhttp.internal.http.StreamAllocation.findConnection(StreamAllocation.java:184)
at com.android.okhttp.internal.http.StreamAllocation.findHealthyConnection(StreamAllocation.java:126)
at com.android.okhttp.internal.http.StreamAllocation.newStream(StreamAllocation.java:95)
W/System.err: at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:281)
at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:224)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:461)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:127)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.getOutputStream(HttpURLConnectionImpl.java:258)
at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.getOutputStream(DelegatingHttpsURLConnection.java:218)
at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.getOutputStream(Unknown Source:0)
at org.ksoap2.transport.HttpsServiceConnectionSE.openOutputStream(HttpsServiceConnectionSE.java:127)
at com.easywsdl.exksoap2.mtom.MTOMTransportImplementation.sendData(MTOMTransportImplementation.java:65)
at com.easywsdl.exksoap2.transport.AdvancedHttpsTransportSE.sendData(AdvancedHttpsTransportSE.java:39)
at org.ksoap2.transport.HttpTransportSE.call(HttpTransportSE.java:184)
at com.easywsdl.exksoap2.transport.AdvancedHttpsTransportSE.call(AdvancedHttpsTransportSE.java:51)
这是我如何配置我的传输:
@Override
protected Transport createTransport() {
Transport transport = super.createTransport();
try {
if(transport instanceof HttpsTransportSE) {
HttpsTransportSE httpsTransport = (HttpsTransportSE)transport;
if(httpsTransport.getServiceConnection() instanceof HttpsServiceConnectionSE) {
HttpsServiceConnectionSE httpsServiceConnection = (HttpsServiceConnectionSE)httpsTransport.getServiceConnection();
httpsServiceConnection.setSSLSocketFactory(getSSLSocketFactory());
}
}
} catch (IOException e) {
Log.e(TAG, "Could not add key store", e);
} catch (NoSuchAlgorithmException e) {
Log.e(TAG, "Could not add key store", e);
} catch (KeyStoreException e) {
Log.e(TAG, "Could not add key store", e);
} catch (KeyManagementException e) {
Log.e(TAG, "Could not add key store", e);
}
this.transport = transport;
return transport;
}
private SSLSocketFactory getSSLSocketFactory() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(keyStore);
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
return context.getSocketFactory();
}
我不确定如何解决此问题,或者我是否正确使用了密钥库。请帮忙。
【问题讨论】:
-
为什么在创建套接字时不包括 CA?服务器是否需要 CA?
-
您是否尝试过使用带有 CA 的 Android 本地密钥库?正如这里提到的stackoverflow.com/questions/12346368/…
标签: android soap tls1.2 android-ksoap2