Hi,
I need to open a HttpsURLConnection with my own certificate. I've
found this for Java (not Android) on
http://forums.sun.com/thread.jspa?threadID=411937&messageID=1886339
--------------------------------------------------------------------------------------------
public static String readFromURL( String httpsUrl, String login,
String password ) throws NoSuchAlgorithmException,
KeyManagementException,
MalformedURLException,
UnknownHostException,
IOException {
// Variabeln
TrustManager[] trustAllCerts;
SSLContext sc;
URL url;
HttpsURLConnection connection;
String s;
String base64;
BufferedReader reader;
StringBuffer str;
String line;
trustAllCerts = new TrustManager[] { new X509TrustManagerImpl()
};
// Let us create the factory where we can set some parameters
for
the connection
sc = SSLContext.getInstance( "SSL" );
sc.init( null, trustAllCerts, new SecureRandom() );
// Create the socket connection and open it to the secure
remote web
server
url = new URL( httpsUrl );
HttpsURLConnection.setDefaultSSLSocketFactory(
sc.getSocketFactory
() );
connection = (HttpsURLConnection)url.openConnection();
// Once the connection is open to the remote server we have to
replace the default HostnameVerifier
// with one of our own since we want the client to bypass the
peer
and submitted host checks even
// if they are not equal. If this routine were not here, then
this
client would claim that the submitted
// host and the peer host are not equal.
connection.setHostnameVerifier( new HostnameVerifierImpl() );
// Make this URL connection available for input and output
connection.setDoOutput( true );
// Login
s = login + ":" + password;
base64 = "Basic " + new BASE64Encoder().encode( s.getBytes
() );
connection.setRequestProperty( "Authorization", base64 );
connection.connect();
// vom Stream lesen und als String zurückgeben
reader = new BufferedReader( new InputStreamReader
( connection.getInputStream() ) );
str = new StringBuffer();
while( (line = reader.readLine()) != null ) {
str.append( line + "\n" );
}
return( str.toString() );
}
--------------------------------------------------------------------------------------------
public class X509TrustManagerImpl implements X509TrustManager {
// Log4J
private static Logger logger = Logger.getLogger
( X509TrustManagerImpl.class );
/**
* Return an array of certificate authority certificates which are
trusted
* for authenticating peers.
* @return <code>X509Certificate[]</code> - Return an array of
certificate
* authority certificates which are trusted for authenticating peers.
*/
public X509Certificate[] getAcceptedIssuers() {
return( null );
}
/**
* Given the partial or complete certificate chain provided by the
peer,
* build a certificate path to a trusted root and return if it can
be
* validated and is trusted for client SSL authentication based on
the
* authentication type. The authentication type is determined by the
* actual certificate used. For instance, if RSAPublicKey is used,
the
* authType should be "RSA". Checking is case-sensitive.
* @param chain <code>X509Certificate[]</code> the peer certificate
chain
* @param authType <code>String</code> the authentication type based
on
* the client certificate
*/
public void checkClientTrusted( X509Certificate[] chain, String
authType ) {
}
/**
* Given the partial or complete certificate chain provided by the
peer,
* build a certificate path to a trusted root and return if it can
be
* validated and is trusted for server SSL authentication based on
the
* authentication type. The authentication type is the key exchange
* algorithm portion of the cipher suites represented as a String,
such
* as "RSA", "DHE_DSS". Note: for some exportable cipher suites, the
key
* exchange algorithm is determined at run time during the handshake.
For
* instance, for TLS_RSA_EXPORT_WITH_RC4_40_MD5, the authType should
be
* RSA_EXPORT when an ephemeral RSA key is used for the key exchange,
and
* RSA when the key from the server certificate is used. Checking is
* case-sensitive.
* @param chain <code>X509Certificate[]</code> the peer certificate
chain
* @param authType <code>String</code> the authentication type based
on
* the client certificate
*/
public void checkServerTrusted( X509Certificate[] chain, String
authType ) {
}
}
--------------------------------------------------------------------------------------------
public class HostnameVerifierImpl implements HostnameVerifier {
// Log4J
private static Logger logger = Logger.getLogger
( HostnameVerifierImpl.class );
/**
* Verify that the host name is an acceptable match with the server's
authentication scheme.
* @param hostname <code>String</code> the host name
* @param session <code>SSLSession</code> SSLSession used on the
connection to hos
*/
public boolean verify( String hostname, SSLSession session ) {
if( ! hostname.equals( session.getPeerHost() ) ) {
logger.warn( "Das Zertifikat " + session.getPeerHost()
+ " passt
nicht zum Host " + hostname );
}
return true;
}
}
--------------------------------------------------------------------------------------------
the problem inside android is, that base64encoder isnt integrated.
i've found a working one inside the jar:
http://www.winterwell.com/software/jtwitter.php
but its still not working. ssl seems not to be inside android :(
can you help me on this?
I can send the exception later...
greetings
darolla
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
-~----------~----~----~----~------~----~------~--~---
