com.android.volley.NoConnectionError: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
我从19到24在api上的logcat中遇到此错误,并且在我的应用程序中没有从服务器加载数据,我搜索了该错误并发现了solution
@SuppressLint("TrulyRandom")
public static void handleSSLHandshake() {
try {
TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
}};
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
} catch (Exception ignored) {
}
}
并在我的应用程序类onCreate中调用它,就解决了我的问题,但是在该答案中,如果找到该解决方案,则存在一个hint。此代码不相关,不应使用! Google禁止使用它。
所以谁知道谷歌允许该错误的替代解决方案是什么?
最佳答案
首先,您将需要生成您的证书文件,这是步骤
选择详细信息
在android项目 Assets 中。
在项目应用程序类中的第二个定义hurlStack变量,并在应用程序中使用next方法OnCreate方法
private void handleCertificationOnOlderDevices() {
try {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream caInput = new
BufferedInputStream(getAssets().open("porter_cert.crt"));
Certificate ca;
try {
ca = cf.generateCertificate(caInput);
Log.d("certificate", ((X509Certificate) ca).getSubjectDN().toString());
} finally {
caInput.close();
}
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
keyStore.setCertificateEntry("ca", ca);
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
TrustManager[] trustManagers = tmf.getTrustManagers();
final X509TrustManager origTrustmanager =
(X509TrustManager) trustManagers[0];
TrustManager[] wrappedTrustManagers = new TrustManager[]{
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return origTrustmanager.getAcceptedIssuers();
}
public void checkClientTrusted(X509Certificate[] certs,
String authType)
{
try {
origTrustmanager.checkClientTrusted(certs, authType);
} catch (CertificateException e) {
e.printStackTrace();
}
}
public void checkServerTrusted(X509Certificate[] certs,
String authType)
{
try {
origTrustmanager.checkServerTrusted(certs, authType);
} catch (CertificateException e) {
e.printStackTrace();
}
}
}
};
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
SSLSocketFactory sslSocketFactory = context.getSocketFactory();
hurlStack = new HurlStack(null, sslSocketFactory);
} catch (Exception e) {
e.printStackTrace();
}
}
并在volley requestQueue上使用hurlStack
public RequestQueue getRequestQueue() {
if (requestQueue == null)
requestQueue = Volley.newRequestQueue(getApplicationContext(),
hurlStack);
return requestQueue;
}
第三,如果您将Glide用于图像,则第二个错误是与glide相关的ssl证书,您需要通过这种方式解决
1-在应用程序中更新,将您的gilde和okhttp3构建为这些版本
implementation "com.squareup.okhttp3:okhttp:3.8.1"
implementation 'com.github.bumptech.glide:glide:4.9.0'
annotationProcessor 'com.github.bumptech.glide:compiler:4.9.0'
implementation ('com.github.bumptech.glide:okhttp3-integration:4.9.0'){
exclude group: 'glide-parent'
}
2-将下一个类添加到您的项目中
@GlideModule
public class CustomGlideModule extends AppGlideModule {
@Override
public void registerComponents(Context context, Glide glide,
Registryregistry) {
if (Build.VERSION.SDK_INT <= Build.VERSION_CODES.N) {
OkHttpClient client =
SafeOkHttpClient.getSafeOkHttpClient(context);
OkHttpUrlLoader.Factory factory = new
OkHttpUrlLoader.Factory(client);
glide.getRegistry().replace(GlideUrl.class, InputStream.class,
factory);
}
}
}
现在滑行将与您一起正常工作。
关于android - 更少的api上的java.security.cert.CertPathValidatorException : Trust anchor for certification path not found.,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/55992416/