com.android.volley.NoConnectionError: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

我从19到24在api上的logcat中遇到此错误,并且在我的应用程序中没有从服务器加载数据,我搜索了该错误并发现了solution
 @SuppressLint("TrulyRandom")
public static void handleSSLHandshake() {
    try {
        TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }

            @Override
            public void checkClientTrusted(X509Certificate[] certs, String authType) {
            }

            @Override
            public void checkServerTrusted(X509Certificate[] certs, String authType) {
            }
        }};

        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, new SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
            @Override
            public boolean verify(String arg0, SSLSession arg1) {
                return true;
            }
        });
    } catch (Exception ignored) {
    }
}

并在我的应用程序类onCreate中调用它,就解决了我的问题,但是在该答案中,如果找到该解决方案,则存在一个hint。此代码不相关,不应使用! Google禁止使用它。

所以谁知道谷歌允许该错误的替代解决方案是什么?

最佳答案

首先,您将需要生成您的证书文件,这是步骤

  • 转到Firefox浏览器上的网站链接
  • 单击网站链接
  • 右侧的绿色锁
  • 单击更多信息,然后查看证书
  • 将会出现一个新窗口,其中包含两个常规和详细信息
    选择详细信息
  • 单击导出以导出证书并保存此文件
    在android项目 Assets 中。

  • 在项目应用程序类中的第二个定义hurlStack变量,并在应用程序中使用next方法OnCreate方法
     private void handleCertificationOnOlderDevices() {
        try {
    
            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            InputStream caInput = new
                                BufferedInputStream(getAssets().open("porter_cert.crt"));
            Certificate ca;
            try {
                ca = cf.generateCertificate(caInput);
                Log.d("certificate", ((X509Certificate) ca).getSubjectDN().toString());
            } finally {
                caInput.close();
            }
    
            String keyStoreType = KeyStore.getDefaultType();
            KeyStore keyStore = KeyStore.getInstance(keyStoreType);
            keyStore.load(null, null);
            keyStore.setCertificateEntry("ca", ca);
    
            String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
            TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
            tmf.init(keyStore);
    
            TrustManager[] trustManagers = tmf.getTrustManagers();
            final X509TrustManager origTrustmanager =
                                                    (X509TrustManager) trustManagers[0];
    
            TrustManager[] wrappedTrustManagers = new TrustManager[]{
                    new X509TrustManager() {
                       public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                            return origTrustmanager.getAcceptedIssuers();
                       }
    
                       public void checkClientTrusted(X509Certificate[] certs,
                       String authType)
                       {
                            try {
                                origTrustmanager.checkClientTrusted(certs, authType);
                            } catch (CertificateException e) {
                                e.printStackTrace();
                            }
                        }
    
                        public void checkServerTrusted(X509Certificate[] certs,
                        String authType)
                        {
                            try {
                                origTrustmanager.checkServerTrusted(certs, authType);
                            } catch (CertificateException e) {
                                e.printStackTrace();
                            }
                        }
                    }
            };
    
            SSLContext context = SSLContext.getInstance("TLS");
            context.init(null, tmf.getTrustManagers(), null);
    
            SSLSocketFactory sslSocketFactory = context.getSocketFactory();
            hurlStack = new HurlStack(null, sslSocketFactory);
    
        } catch (Exception e) {
            e.printStackTrace();
        }
    
    }
    

    并在volley requestQueue上使用hurlStack
        public RequestQueue getRequestQueue() {
           if (requestQueue == null)
               requestQueue = Volley.newRequestQueue(getApplicationContext(),
               hurlStack);
           return requestQueue;
        }
    

    第三,如果您将Glide用于图像,则第二个错误是与glide相关的ssl证书,您需要通过这种方式解决

    1-在应用程序中更新,将您的gilde和okhttp3构建为这些版本
        implementation "com.squareup.okhttp3:okhttp:3.8.1"
        implementation 'com.github.bumptech.glide:glide:4.9.0'
        annotationProcessor 'com.github.bumptech.glide:compiler:4.9.0'
        implementation ('com.github.bumptech.glide:okhttp3-integration:4.9.0'){
        exclude group: 'glide-parent'
        }
    

    2-将下一个类添加到您的项目中
    @GlideModule
    public class CustomGlideModule extends AppGlideModule {
       @Override
       public void registerComponents(Context context, Glide glide,
       Registryregistry) {
          if (Build.VERSION.SDK_INT <= Build.VERSION_CODES.N) {
              OkHttpClient client =
                            SafeOkHttpClient.getSafeOkHttpClient(context);
              OkHttpUrlLoader.Factory factory = new
                                           OkHttpUrlLoader.Factory(client);
              glide.getRegistry().replace(GlideUrl.class, InputStream.class,
              factory);
          }
       }
    
     }
    

    现在滑行将与您一起正常工作。

    关于android - 更少的api上的java.security.cert.CertPathValidatorException : Trust anchor for certification path not found.,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/55992416/

    10-13 09:10