2
java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.NETWORK
嗨而我打电话从改造一个API服务,我得到这个错误,我搜索了很多,发现答案像java.security.cert.CertPathValidatorException:信任锚认证路径不found.NETWORK
private static void setupRestClient() {
RestAdapter restAdapter = new RestAdapter.Builder()
.setLogLevel(RestAdapter.LogLevel.FULL)
.setEndpoint(ROOT)
//.setClient(new OkClient(new com.squareup.okhttp.OkHttpClient()))
//.setClient(getOkClient())
.setClient(setSSLFactoryForClient(new com.squareup.okhttp.OkHttpClient()))
.setRequestInterceptor(new SessionRequestInterceptor())
.setLogLevel(RestAdapter.LogLevel.FULL)
.setLog(new AndroidLog(NetworkUtil.APP_TAG))
.build();
REST_CLIENT = restAdapter.create(Restapi.class);
}
// SET SSL
public static OkClient setSSLFactoryForClient(OkHttpClient client) {
try {
// Create a trust manager that does not validate certificate chains
final TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
}
};
// Install the all-trusting trust manager
final SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
// Create an ssl socket factory with our all-trusting manager
final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
client.setSslSocketFactory(sslSocketFactory);
client.setHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
} catch (Exception e) {
throw new RuntimeException(e);
}
return new OkClient(client);
}
使用setSSLFactoryForClient方法后,它做工精细,但我不明白怎么回事错的,什么这个方法做,我知道这个问题是关系到SSL证书认证,但任何一个可以解释我这短暂请
非常感谢尤里!当我更改URL(所有方法相同只是更改url)到其他服务器,它给了我完美的回应,是否意味着服务器URL没有给予回应使用一些安全屏障,并且此代码绕过 –
“这是禁用安全的SSL。这对本地测试是正确的,但不适合真实用户使用。“正如你所说的那样,而不是什么正确的方法来解决这个问题 –
如果其他服务器生成一个有效的证书,并被其他客户端接受,例如卷曲在桌面上。然后,修复程序可能会在运行时或通过keytool将其颁发的证书添加到信任库。 例如https://github.com/square/okhttp/blob/master/samples/guide/src/main/java/okhttp3/recipes/CustomTrust.java 如果其他服务器只使用测试证书,那么您的代码适用于测试。 –