How do I call a secure (SSL) webservice in Android, when Android does not see the certificate?
I'm new to Android and I'am struggling to make a call to an SSL web service for an Android Application. My code is as follows:
Log.v("fs", "Making HTTP call...");
HttpClient http = new DefaultHttpClient();
HttpGet request = new HttpGet("https://exampl开发者_运维技巧e.com/api");
try {
String response = http.execute(request, new BasicResponseHandler());
Log.v("fs", response);
} catch (Exception e) {
Log.v("fs", e.toString());
}
The Output is:
Making HTTP call...
javax.net.SSLPeerUnverifiedException: No peer certificate
Any suggestions to make this work would be great.
I should note that this is a valid cert. It is signed by an official CA.
Have you test that the mobile date and hour are the correct ones ??, if you are using SSL and have your mobile in 1990 it will return
javax.net.SSLPeerUnverifiedException: No peer certificate
Regards
Try the following. I have added SSLSocketFactory to handle SSL connections, plus it adds support for handling multiple connections simultaneously using ThreadSafeClientConnManager. You can remove socket timeout and connection timeouts.
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
schemeRegistry.register(new Scheme("mxiss", SSLSocketFactory.getSocketFactory(), 443));
HttpParams params = new BasicHttpParams();
int timeoutConnection = 5000;
HttpConnectionParams.setConnectionTimeout(params, timeoutConnection);
int timeoutSocket = 10000;
HttpConnectionParams.setSoTimeout(params, timeoutSocket);
params.setParameter(ConnManagerPNames.MAX_TOTAL_CONNECTIONS, 30);
params.setParameter(ConnManagerPNames.MAX_CONNECTIONS_PER_ROUTE, new ConnPerRouteBean(30));
params.setParameter(HttpProtocolParams.USE_EXPECT_CONTINUE, false);
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
ThreadSafeClientConnManager cm = new ThreadSafeClientConnManager(params, schemeRegistry);
_client = new DefaultHttpClient(cm, params);
Hope this helps.
If your client does not trust the server certificate register a different protocol and accept all certificates for that protocol. You should first register protocol before doing anything.
Protocol mxiss = new Protocol("mxiss", new EasySSLProtocolSocketFactory(), 443);
Protocol.registerProtocol("mxiss", mxiss);
Then instead of "https" you have to use "mxiss"
EasySSLProtocolSocketFactory comes from org.apache.commons.httpclient.contrib.ssl. Put the jar file http://repo1.maven.org/maven2/ca/juliusdavies/not-yet-commons-ssl/0.3.11/not-yet-commons-ssl-0.3.11.jar in your classpath.
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
schemeRegistry.register(new Scheme("mxiss", SSLSocketFactory.getSocketFactory(), 443));
HttpParams params = new BasicHttpParams();
int timeoutConnection = 5000;
HttpConnectionParams.setConnectionTimeout(params, timeoutConnection);
int timeoutSocket = 10000;
HttpConnectionParams.setSoTimeout(params, timeoutSocket);
params.setParameter(ConnManagerPNames.MAX_TOTAL_CONNECTIONS, 30);
params.setParameter(ConnManagerPNames.MAX_CONNECTIONS_PER_ROUTE, new ConnPerRouteBean);
params.setParameter(HttpProtocolParams.USE_EXPECT_CONTINUE, false);
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
ThreadSafeClientConnManager cm = new ThreadSafeClientConnManager(params, schemeRegistry);
_client = new DefaultHttpClient(cm, params);
I too think this is an issue with server's certificate. Pls check out the InstallCert.java program given here: http://blogs.oracle.com/andreas/entry/no_more_unable_to_find. This can be a good way to verify server's certificate. If you can't download that using this program, I would say, verify your server again.
Post your results after using this program here, and we will take it from there.
i assume you cannot have Get in HTTPS webservice. Only Method allowed is POST try that and see.
精彩评论