There is a dearth of SDK documentation on how to work with SSL connections on Android with self-signed certificate. Here is a method that stores a self-signed certificate in the application resource and then later uses that certificate for SSL connections.
1. We create a self-signed server certificate for our SSL server:
keytool -genkey -dname "cn=ssltest, ou=test, o=example, c=US"
-alias ssltest -keypass ssltest -keystore c:\test\ssltest.keystore
-storepass ssltest -validity 180
2. We export the certificate to a file:
keytool -export -alias ssltest -keystore c:\test\ssltest.keystore
-file c:\test\ssltest.cer -storepass ssltest -keypass ssltest
3. Since Android uses the JCEprovider from Bouncy Castle, we download the provider jar bcprov-jdk16-145.jar from BC and store it at C:\androidproject\libs.
4. Now, we import the server certificate to our Android project as a raw resource:
keytool -import -alias ssltestcert -file C:\test\ssltest.cer
-keypass ssltestcert -keystore C:\androidproject\res\raw\ssltestcert
-storetype BKS -storepass ssltestcert
-providerClass org.bouncycastle.jce.provider.BouncyCastleProvider
-providerpath c:\androidproject\libs\bcprov-jdk16-145.jar
Note that we give it a store type BKS.
If you use the Eclipse ADK, the ADK will automatically create a resource idssltestcert after you refresh the project.
5. We can now use the server certificate in our Java program:
656
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
