我开发了一个演示android应用程序,它通过安全websocket协议连接到在线服务器。当开始连接时,我得到了"未找到认证路径的信任锚"错误。我搜索了这个错误,只发现了相关的HTTPS,我不知道如何在websocket (wss)中开发。
和我使用Autobahn-SW库websocket。
代码在这里(在我活动类):
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
final WebSocketConnection mConnection = new WebSocketConnection();
final String wsuri = "wss://myserver_url";
try {
mConnection.connect(URI.create(wsuri), new WebSocketConnectionObserver() {
@Override
public void onOpen() {
System.out.println("onOpend----> sending msg...");
mConnection.sendTextMessage("hello");
}
@Override
public void onClose(WebSocketCloseNotification code, String reason) {
System.out.println("onClosed---> " + reason);
}
@Override
public void onTextMessage(String payload) {
System.out.println("onTextmessage---> " + payload);
}
@Override
public void onRawTextMessage(byte[] payload) {
}
@Override
public void onBinaryMessage(byte[] payload) {
}
});
} catch (Exception e) {
e.printStackTrace();
}
}
和我得到错误如下:
07-21 13:16:46.159: D/de.tavendo.autobahn.secure.WebSocketConnection(4023): WebSocket connection created.
07-21 13:16:46.329:
D/de.tavendo.autobahn.secure.WebSocketReader(4023): WebSocket reader created.
07-21 13:16:46.349:
D/de.tavendo.autobahn.secure.WebSocketConnection(4023): WebSocket reader created and started.
07-21 13:16:46.349:
D/de.tavendo.autobahn.secure.WebSocketWriter(4023): WebSocket writer created.
07-21 13:16:46.449:
E/de.tavendo.autobahn.secure.WebSocketReader(4023): java.security.cert.CertPathValidatorException: Trust anchor for certification path not
found.
07-21 13:16:46.479: E/de.tavendo.autobahn.secure.WebSocketWriter(4023): Socket is closed
07-21 13:16:46.479:
D/de.tavendo.autobahn.secure.WebSocketWriter(4023): WebSocker writer running.
07-21 13:16:46.479:
D/de.tavendo.autobahn.secure.WebSocketConnection(4023): WebSocket writer created and started.
07-21 13:16:46.499:
D/de.tavendo.autobahn.secure.WebSocketConnection(4023): fail connection [code = INTERNAL_ERROR, reason = WebSockets internal error
(java.lang.NullPointerException)
07-21 13:16:46.499: D/de.tavendo.autobahn.secure.WebSocketReader(4023): quit
07-21 13:16:46.499:
D/de.tavendo.autobahn.secure.WebSocketWriter(4023): WebSocket writer ended.
07-21 13:16:46.499:
D/de.tavendo.autobahn.secure.WebSocketConnection(4023): SocketThread exited.
如何连接Secure websocket (wss) ?代码示例会有所帮助。
感谢@Jack,我解决了如下解决方案:对于我的情况,我的服务器生成自签名证书。但以下代码将(应该)在服务器获得相关的有效SSL证书后不需要。
我得到了解决方案,这太HTTPS GET (SSL)与Android和自签名服务器证书。
/*************************************************************************************************/
/* Below code is only purposed for Testing, Not to use in real environment */
/**
* Setting custom Trust managers which are intended to allow SSL connection to server.
* This custom trust managers are allowing for all connection types, so this may cause network connection security leak.
* So those are used only for testing purposes.
*
* Doc - http://developer.android.com/training/articles/security-ssl.html#SelfSigned
* */
WebSocketClient.setTrustManagers(new TrustManager[] {
new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain, String authType) {}
public void checkServerTrusted(X509Certificate[] chain, String authType) {}
public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[]{}; }
}
});
/*************************************************************************************************/
wsClient = new WebSocketClient(uri, this , extraHeaders);
wsClient.connect();
这个错误背后最常见的原因是;颁发证书的证书颁发机构未知。证书不是由已知的权威机构签名的,或者是自签名的,或者是中间证书的某种问题。
我推荐参考Android开发者社区分享的官方指南。https://developer.android.com/training/articles/security-ssl.html