未找到 Android SSL 连接的信任锚

Trust Anchor not found for Android SSL Connection(未找到 Android SSL 连接的信任锚)

本文介绍了未找到 Android SSL 连接的信任锚的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试连接到运行 Godaddy 256 位 SSL 证书的 IIS6 机器,但出现错误:

I am trying to connect to an IIS6 box running a godaddy 256bit SSL cert, and I am getting the error :

java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

一直在尝试确定可能是什么原因造成的,但现在画的是空白.

Been trying to determine what could be causing that, but drawing blanks right now.

这是我的连接方式:

HttpsURLConnection conn;              
conn = (HttpsURLConnection) (new URL(mURL)).openConnection();
conn.setConnectTimeout(20000);
conn.setDoInput(true);
conn.setDoOutput(true);
conn.connect();
String tempString = toString(conn.getInputStream());

推荐答案

@Chrispix 的解决方案很危险!信任所有证书允许任何人进行中间人攻击!只需将任何证书发送给客户端,它就会接受它!

The solution of @Chrispix is dangerous! Trusting all certificates allows anybody to do a man in the middle attack! Just send ANY certificate to the client and it will accept it!

将您的证书添加到自定义信任管理器,如本文所述:通过 HTTPS 使用 HttpClient 信任所有证书

Add your certificate(s) to a custom trust manager like described in this post: Trusting all certificates using HttpClient over HTTPS

虽然使用自定义证书建立安全连接有点复杂,但它会给您带来想要的 ssl 加密安全性,而不会有中间人攻击的危险!

Although it is a bit more complex to establish a secure connection with a custom certificate, it will bring you the wanted ssl encryption security without the danger of man in the middle attack!

这篇关于未找到 Android SSL 连接的信任锚的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!

本文标题为:未找到 Android SSL 连接的信任锚

基础教程推荐