Android 设置客户端支持的TLS支持的版本号
2016-08-09 08:50
411 查看
前:最近做基于XMPP协议的IM,服务端用的是OpenFire,客户端用的Smack包,需要进行TLS加密服务端设置为只支持TLS1.2,可是我开加密的时候客户端总是TLS1,不知为何,最终在stackoverflow找到答案:http://stackoverflow.com/questions/37815995/android-smack-ssl-tls-connection-to-xmpp-ejabberd-server-with-ca-certificate
我的代码:
MySSLSocketFactory mySSLSocketFactory=null;
try {
KeyStore trustStore = KeyStore.getInstance("BKS");
mySSLSocketFactory = new MySSLSocketFactory(trustStore,服务器HOST);
} catch (KeyStoreException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (UnrecoverableKeyException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
userName=StringUtils.escapeJIDName(userName);
SmackConfiguration.setDefaultPacketReplyTimeout(30*1000);
DomainBareJid serviceName= null;
try {
serviceName = JidCreate.domainBareFrom(HttpUrl.getInstante().getEasyLifeHost());
} catch (XmppStringprepException e) {
e.printStackTrace();
}
mXmpptcpConnectionConfiguration=XMPPTCPConnectionConfiguration.builder()
.setServiceName(serviceName)
.setHost(HttpUrl.getInstante().getEasyLifeHost())
.setPort(5222)
// .setResource("Android")
.setUsernameAndPassword(userName, password)
.setSendPresence(isPresence)
.setDebuggerEnabled(true)
.setSecurityMode(SecurityMode.required)
.setCompressionEnabled(false)
.setConnectTimeout(30*1000)
.setCustomSSLContext(mySSLSocketFactory.getSSLContext())
.setHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
})
.setEnabledSSLProtocols(new String[]{"TLSv1","TLSv1.1","TLSv1.2"})
.build();
我的代码:
MySSLSocketFactory mySSLSocketFactory=null;
try {
KeyStore trustStore = KeyStore.getInstance("BKS");
mySSLSocketFactory = new MySSLSocketFactory(trustStore,服务器HOST);
} catch (KeyStoreException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (UnrecoverableKeyException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
userName=StringUtils.escapeJIDName(userName);
SmackConfiguration.setDefaultPacketReplyTimeout(30*1000);
DomainBareJid serviceName= null;
try {
serviceName = JidCreate.domainBareFrom(HttpUrl.getInstante().getEasyLifeHost());
} catch (XmppStringprepException e) {
e.printStackTrace();
}
mXmpptcpConnectionConfiguration=XMPPTCPConnectionConfiguration.builder()
.setServiceName(serviceName)
.setHost(HttpUrl.getInstante().getEasyLifeHost())
.setPort(5222)
// .setResource("Android")
.setUsernameAndPassword(userName, password)
.setSendPresence(isPresence)
.setDebuggerEnabled(true)
.setSecurityMode(SecurityMode.required)
.setCompressionEnabled(false)
.setConnectTimeout(30*1000)
.setCustomSSLContext(mySSLSocketFactory.getSSLContext())
.setHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
})
.setEnabledSSLProtocols(new String[]{"TLSv1","TLSv1.1","TLSv1.2"})
.build();
import org.apache.http.conn.ssl.SSLSocketFactory; import java.io.IOException; import java.net.Socket; import java.net.UnknownHostException; import java.security.KeyManagementException; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.UnrecoverableKeyException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocket; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509TrustManager; public class MySSLSocketFactory extends SSLSocketFactory { private SSLContext sslContext = SSLContext.getInstance("TLS"); private String baseUrl; public MySSLSocketFactory(KeyStore truststore,String url) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { super(truststore); baseUrl=url; TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509"); trustManagerFactory.init(truststore); X509TrustManager trustManager=(X509TrustManager) trustManagerFactory.getTrustManagers()[0]; MyX509TrustManager myTrustManager = new MyX509TrustManager(trustManager); sslContext.init(null, new TrustManager[]{myTrustManager}, null); } public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException { SSLSocket sslSocket= (SSLSocket) sslContext.getSocketFactory().createSocket(socket, host, port, autoClose); sslSocket.setEnabledProtocols(new String[]{"TLSv1","TLSv1.1","TLSv1.2"}); return sslSocket; } public Socket createSocket() throws IOException { SSLSocket sslSocket=(SSLSocket) sslContext.getSocketFactory().createSocket(); sslSocket.setEnabledProtocols(new String[]{"TLSv1","TLSv1.1","TLSv1.2"}); return sslSocket; } public SSLContext getSSLContext(){ return sslContext; } public class MyX509TrustManager implements X509TrustManager { private X509TrustManager tm; public MyX509TrustManager(X509TrustManager tm) { this.tm = tm; } public X509Certificate[] getAcceptedIssuers() { throw new UnsupportedOperationException(); } public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { throw new UnsupportedOperationException(); } public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } }
相关文章推荐
- Android HTTPS、TLS版本支持相关解决方案
- Android HTTPS、TLS版本支持相关解决方案
- Android HTTPS、TLS版本支持相关解决方案 (2)
- Android HTTPS、TLS版本支持相关解决方案
- TeleMCU视频会议之Android版本WebRTC 客户端支持
- 兴奋:支持安卓(android)、苹果手机和平板电脑的WayOs版本
- Android2.2:'pthread_rwlock_t' does not name a type: android 2.3版本以下不支持读写锁的解决办法
- 【Android游戏开发二十七】讲解游戏开发与项目下的hdpi 、mdpi与ldpi资源文件夹以及游戏高清版本的设置
- Android GingerBread HoneyComb版本的USB支持。
- 【Android游戏开发二十七】讲解游戏开发与项目下的hdpi 、mdpi与ldpi资源文件夹以及游戏高清版本的设置
- 【转】设置Android支持语言和输入法
- 基于Java Socket实现的SMTP邮件客户端 - 全面支持SSL, TLS
- SQL Server 2005 Express 远程连接 客户端 远程访问 设置 全攻略 (适用 SQL Server 2005 其他版本)
- 设置Asp.net Ajax 客户端脚本版本
- SQL Server 2005 Express 远程连接 客户端 远程访问 设置 全攻略 (适用 SQL Server 2005 其他版本)
- 【Android游戏开发二十七】讲解游戏开发与项目下的hdpi 、mdpi与ldpi资源文件夹以及游戏高清版本的设置
- jQuery formValidator表单验证插件2.9.3版本已经支持对所有客户端控件的验证
- jQuery formValidator表单验证插件2.9.3版本已经支持对所有客户端控件的验证
- android xml 怎么设置版本最低和最高!
- 设置Asp.net Ajax 客户端脚本版本