In brief:

  1. Get Volley fromgit clone https://android.googlesource.com/platform/frameworks/volley

  2. Get Android Volley Examples project fromgit clone git://github.com/ogrebgr/android_volley_examples.git

  3. Copy your keystore (BKS format) containing the self-signed public key in res/raw

  4. OpenAct_SsSslHttpClient in the examples project, find "R.raw.test" and replace it with your keystore name (without the .pem extension)

  5. Find "new SslHttpClient(" and replace the default password "test123" with the password for your keystore

  6. Replace "44400" with the HTTPS port of your server/virtualhost. If you use the standart 443 -- then you may remove this parameter entirely

  7. Replace "https://tp.bolyartech.com:44400/https_test.html" with your URL. Please make sure that you are using HTTPS otherwise it will work without as normal request, i.e. without encryption

  8. Start the app, go to "HTTPS with self-signed cert", then "Execute HTTPS request"

  9. If successful you will see something like "This is the result of successful HTTPS request. Congrats!". If some error occurres please check your logcat.

  10. CopySslHttpClient,SslSocketFactory,SsX509TrustManager and your keystore to your project and enjoy! :-)

In details:

When you create an android app there is no problem to execute HTTPS request against server with certificate issued by well-known Certification authority. However if you try to you use self-signed certificate you are in trouble -- certificate will be rejected by the trust manager because it cannot be traced to trusted root. Put simply: your certificate does not match any of the built-in (in android) certificates. The solution that I came with is to use external (and newer) HttpClient and provide my own TrustManager that has my self-signed certificate added in.

Few weeks ago, Volley came out. In my previous posting I demonstrated how to use an external HttpClient.Now I will build on that and provide description and example how to use Volley with self-signed certificate.

What will you need:

  • Volley Framework. You can get it using:git clone https://android.googlesource.com/platform/frameworks/volley

  • Volley Android Examples (aka examples).git clone git://github.com/ogrebgr/android_volley_examples.git

  • Your webserver/virtualhost setup with your self-signed certificate

  • the public key of the self-signed certificate (will be explained bellow)

I will assume that you will have Volley and the examples installed and running. I will assume that you have your server/virtualhost configured to use self-signed certificate (If you need info how to achieve that: this article may help).

1. Preparing your BKS keystore

Android uses keystores in BKS (Bouncy Castle) format. When you generated your certificate it is in PEM format so you will need to import it into a new BKS keystores. Some tutorials that show how to generate your certificate use one and the same file for the private and public keys. You need a file that contains only the public key, i.e. the content starting from "-----BEGIN CERTIFICATE-----" and ending with "-----END CERTIFICATE-----" (inclusive). If your certificate contains other rows please copy it with new name like my_server_cert.crt and remove those rows. Please note that the result must be plain text file, i.e. don't use fancy editors that may convert it to UTF-8 for example.

In order to create a BKS keystore you will need so called provider jar bcprov-jdk16-146.jar. Please note that you need to use this version. Newer versions will not work with Android (or at least with older versions before 4.1).

Use this command to import your cert into new BKS keystore:

keytool -importcert -v -trustcacerts -file "my_server_cert.crt" -alias imeto_alias -keystore "my.bks" -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath "bcprov-jdk16-146.jar" -storetype BKS

where my_server_cert.crt is your apache certificate andmy.bks is the name of resulting BKS keystore file. Above command assumes that bothmy_server_cert.crt andbcprov-jdk16-146.jar are in the current directory.

You will be asked to choose some password.

2. Put the BKS keystore in the project

Put my.bks into the example project in directoryres/raw.

Follow the steps from "In brief" section above starting from 4.

If you need to use self-signed certificates in your own projects you will need following classesSslHttpClient,SslSocketFactory,SsX509TrustManager. You will need alsoExtHttpClientStack if you are not using it yet.

As always any comments, criticism and bug reports will be highly appreciated. :-)


更多相关文章

  1. 代码中设置drawableleft
  2. android 3.0 隐藏 系统标题栏
  3. Android开发中activity切换动画的实现
  4. Android(安卓)学习 笔记_05. 文件下载
  5. Android中直播视频技术探究之—摄像头Camera视频源数据采集解析
  6. 技术博客汇总
  7. android 2.3 wifi (一)
  8. AndRoid Notification的清空和修改
  9. Android中的Chronometer

随机推荐

  1. 【Arcgis for android】Error inflating
  2. android应用市场、社区客户端、漫画App、
  3. Android(安卓)Studio配置教程
  4. Android学习笔记---09_深入了解各种布局
  5. android 图片平铺实现
  6. [置顶] Android设备adb授权的原理
  7. Android自动化测试框架—Robotium 4.3介
  8. Android(安卓)SDK更新失败的解决方法
  9. android应用安全――数据安全
  10. Android群英传知识点回顾——第六章:Andro