我跑openssl s_client -connect mywishboard.com:443 | openssl x509 -noout -subject -issuer
,我得到以下有关证书的信息(由客户端开发人员设置好的)Android不信任证书
depth=2 C = IL, O = StartCom Ltd., OU = Secure Digital Certificate Signing, CN = StartCom Certification Authority
verify return:1
depth=1 C = IL, O = StartCom Ltd., OU = StartCom Certification Authority, CN = StartCom Class 1 DV Server CA
verify return:1
depth=0 CN = mywishboard.com
verify return:1
subject= /CN=mywishboard.com
issuer= /C=IL/O=StartCom Ltd./OU=StartCom Certification Authority/CN=StartCom Class 1 DV Server CA
然后我检查去Settings/system/trusted certificats
,看到StartCom有限公司是其中
然而,当我特林让HTTPS请求,他们抛出
javax.net.ssl.SSLHandshakeException:
java.security.cert.CertPathValidatorException:
Trust anchor for certification path not found
如果我使用卷曲-I https://mywishboard.com/xxx
,它返回
curl: (60) server certificate verification failed. CAfile: /etc/ssl
/certs/ca-certificates.crt CRLfile: none
是该证书的格式不正确,或者我需要明确地将其安装到Android设备?(但据我了解,如果证书与信任的CA发行人签署的,比我并不需要安装它,我是右)
CA不是StarCom是GoDaddy ..再次检查证书。 – vzamanillo
@vzamanillo刚刚检查:'issuer =/C = IL/O = StartCom Ltd./OU=StartCom证书颁发机构/ CN = StartCom Class 1 DV Server CA'或者我检查的方式错误? (我使用openssl s_client -connect mywishboard.com:443) – Yarh
只需简单地连接到https URL,无需端口并再次检查证书 – vzamanillo