来源:蜘蛛抓取(WebSpider)
时间:2018-04-12 13:54
标签:
荣耀6 plus 刷机
BROM ERROR: S_DL_PMT_ERR_NO_SPACE(5069)是什么意思
华为h300-t00线刷出现BROM ERROR: S_DL_PMT_ERR_NO_SPACE(5069)提示,不知是什么意思,请大神们有哪位给解答一下。
后回答问题
向帮助了您的知道网友说句感谢的话吧!
提问期内,追加悬赏一次,可延长问题的有效期3天。悬赏越高,会吸引到越多的关注。
追加悬赏:&
&加载中...查看: 1364|回复: 1
现在手机是黑屏,不能开机
我用SP_Flash_Tool刷机提示以下错误
sp flash tool issues,BROM ERROR:S_FT_DA_INIT_SYNC_ERROR(4004)
sp flash tool issues,BROM ERROR:S_FT_ENABLE_DRAM_FALL(4032)
【5069错误】 BROM ERROR:S_DL_PMT_ERR_NO_SPACE(5069)
使用hq_mtk_customerdownload刷机提示DA ERROR,DL ERROR
有懂得朋友希望可以指点一下,谢谢
请输入验证码:
估计是包的问题,换原厂包试试。。
移动叔叔. 版权所有,专业的网络售后平台 (
商务合作||||博主最新文章
博主热门文章
您举报文章:
举报原因:
原文地址:
原因补充:
(最多只允许输入30个字)Android实践:实现https通信
近期由于公司的工作需要,需要将原有的http接口切换到https,故做了如下学习和整理。本文先简要说明https协议原理,然后https协议在和App的实践两方面进行讲述;
一、https协议原理
待整理... ...
二、https协议实践
理解上面的相关原理后,我们就开始实现HttpsServlet来模拟简单登录接口,然后通过浏览器和app的访问该https接口;
1.服务端http实现
我们首先实现服务端http协议的get和post通信,项目的结构和主要实现代码如下:
HttpsServlet.java:
public class HttpsServlet extends HttpServlet {
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
System.out.println(&doPost&);
doLoginRequest(req, resp);
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
System.out.println(&doGet&);
doLoginRequest(req, resp);
//实现简单的登录逻辑
private void doLoginRequest(HttpServletRequest req, HttpServletResponse resp) throws IOException {
PrintStream printStream = new PrintStream(resp.getOutputStream());
HttpsResponse httpsResponse = new HttpsResponse();
String userName = req.getParameter(&userName&);
String passWord = req.getParameter(&passWord&);
if (&123&.equals(userName) && &123&.equals(passWord)) {
httpsResponse.setCode(&000&);
httpsResponse.setMessage(&login success!&);
httpsResponse.setCode(&004&);
httpsResponse.setMessage(&login faild!&);
printStream.println(JSON.toJSONString(httpsResponse));
Archetype Created Web Application
HttpsServlet
main.com.chengxiang.servlet.HttpsServlet
HttpsServlet
/HttpsServlet
实现客户端登录的get和post请求,项目目录结构如下:
NextActivity.java:
public class NextActivity extends AppCompatActivity {
private EditText userNameEditT
private EditText passWorldEditT
private Button loginB
private TextView responseTextV
private Handler handler = new Handler() {
public void handleMessage(Message msg) {
super.handleMessage(msg);
switch (msg.what) {
Bundle bundle = msg.getData();
HttpsResponse httpsResponse = (HttpsResponse) bundle.getSerializable(&result&);
responseTextView.setText(httpsResponse.toString());
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_next);
userNameEditText = (EditText) findViewById(R.id.next_username_edittext);
passWorldEditText = (EditText) findViewById(R.id.next_password_password);
loginButton = (Button) findViewById(R.id.next_login_button);
responseTextView = (TextView) findViewById(R.id.next_response_text);
assert loginButton !=
loginButton.setOnClickListener(new View.OnClickListener() {
public void onClick(View v) {
responseTextView.setText(&&);
final String userName = userNameEditText.getText().toString();
final String passWorld = passWorldEditText.getText().toString();
new Thread(new Runnable() {
public void run() {
doLoginGet(userName, passWorld);
doLoginPost(userName,passWorld);
}).start();
* 执行登录Get请求
* @param userName 用户名
* @param passWorld 用户密码
private void doLoginGet(String userName, String passWorld) {
//服务器的ip地址根据你自己的欢迎修改
URL url = new URL(&http://100.80.28.137:8080/qserver/HttpsServlet?userName=& + userName + &&passWord=& + passWorld);
HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
httpURLConnection.setRequestMethod(&GET&);
if (httpURLConnection.getResponseCode() == 200) {
BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(httpURLConnection.getInputStream()));
String result = new String();
String readL
if ((readLine = bufferedReader.readLine()) != null) {
result += readL
bufferedReader.close();
httpURLConnection.disconnect();
Message message = handler.obtainMessage();
message.what = 1;
Bundle bundle = new Bundle();
HttpsResponse httpsResponse = JSON.parseObject(result, HttpsResponse.class);
bundle.putSerializable(&result&, httpsResponse);
message.setData(bundle);
handler.sendMessage(message);
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (ProtocolException e) {
e.printStackTrace();
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
* 执行登录Post请求
* @param userName 用户名
* @param passWorld 用户密码
private void doLoginPost(String userName, String passWorld) {
//服务器的ip地址根据你自己的欢迎修改
URL url = new URL(&http://100.80.28.137:8080/qserver/HttpsServlet&);
HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
httpURLConnection.setRequestMethod(&POST&);
String params = &userName=& + userName + &&passWord=& + passW
BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(httpURLConnection.getOutputStream()));
bufferedWriter.write(params.toString());
bufferedWriter.flush();
if (httpURLConnection.getResponseCode() == 200) {
BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(httpURLConnection.getInputStream()));
String result = new String();
String readL
if ((readLine = bufferedReader.readLine()) != null) {
result += readL
bufferedReader.close();
httpURLConnection.disconnect();
Message message = handler.obtainMessage();
message.what = 1;
Bundle bundle = new Bundle();
HttpsResponse httpsResponse = JSON.parseObject(result, HttpsResponse.class);
bundle.putSerializable(&result&, httpsResponse);
message.setData(bundle);
handler.sendMessage(message);
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
activity_next.xml:
Manifext.xml:
//增加网络访问权限
//登录Activity声明
启动服务器tomcat,运行客户端app效果如下:
启动Fiddler抓包如下,Get请求(Post请求可以自行实践)数据包如下,为明文传输!
接下来,我们就开始将当前http连接修改成https,并查看修改后的抓包情况。
2.生成密钥对、证书和信任证书库(详情请查阅http://docs.oracle.com/javase/7/docs/technotes/tools/solaris/keytool.html)
在生成该操作过程中,我们将主要用Keytool工具:
keytool:是一个数据证书的管理工具,keytool将密钥(key)和证书(certificates)存在一个称为keystore的文件中;
keystore:在keystore里,包含两种数据:密钥实体(key entity)-密钥(secret key)又或者是公私钥密钥对、可信任的证书实体(trusted certificate entries)-只包含公钥;
生成服务器证书库
C:\Users\chengxiang.peng.QUNARSERVERS&keytool -genkeypair -v -alias tomcat -keyalg RSA -keystore D:\ssl\tomcat.keystore -dname &CN=www.qserver.com,OU=pengchengxiang,O=pengchengxiang,L=Beijing,ST=Beijing,c=cn& -storepass 123456 -keypass 123456 -validity 365
正在为以下对象生成 2,048 位RSA密钥对和自签名证书 (SHA256withRSA) (有效期为 365天):
CN=www.qserver.com, OU=pengchengxiang, O=pengchengxiang, L=Beijing, ST=Beijing, C=cn
[正在存储D:\ssl\tomcat.keystore]
-genkey:创建一个新的密钥;
-alias:密钥别名,每个keystore都关联一个独一无二的别名;
-keyalg:使用的算法,使用RSA;
-keystore:密钥存储目录,保存在D:\ssl目录下;
CN(Common Name名字与姓氏)
OU(Organization Unit组织单位名称)
O(Organization组织名称)
L(Locality城市或区域名称)
ST(State州或省份名称)
C(Country国家名称)
-storepass:存取密码,这个密码供从keystore文件取信息的时候使用;
-keypass:私有密钥的密码;
-validity:有效期,365天;
注意1:生成服务端密钥时,alias必须为tomcat,否则后续启动tomcat服务的时候会报错Caused by: java.io.IOException: Alias name tomcat does not identify a key entry ;
注意2:生成服务端密钥库时,CN必须与服务端的域名或者ip地址相同,否则正常获取证书访问;
从服务器证书库中导出服务器证书
C:\Users\chengxiang.peng.QUNARSERVERS&keytool -export -v -alias tomcat -keystore D:\ssl\tomcat.keystore -storepass 123456 -rfc -file D:\ssl\tomcat.cer
存储在文件
生成客户端信任证书库(由服务端证书生成的证书库)
C:\Users\chengxiang.peng.QUNARSERVERS&keytool -import -v -alias tomcat -file D:\ssl\tomcat.cer -keystore D:\ssl\qproject.truststore -storepass 123456
-storetype BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider
所有者: CN=www.qserver.com, OU=pengchengxiang, O=pengchengxiang, L=Beijing, ST=Beijing, C=cn
发布者: CN=www.qserver.com, OU=pengchengxiang, O=pengchengxiang, L=Beijing, ST=Beijing, C=cn
序列号: 61c9f857
有效期开始日期: Sun Nov 06 18:14:44 CST 2016, 截止日期: Mon Nov 06 18:14:44 CST2017
MD5: 85:BE:DE:EF:43:1A:1B:BC:62:5A:D4:4C:BC:89:C3:E0
SHA1: 6A:D5:5F:88:FE:DA:63:9C:A6:85:6E:47:6A:76:FA:C6:CE:D9:A4:BE
SHA256: 3A:73:51:F3:75:06:E1:B5:DE:62:59:CB:18:60:BD:AE:F4:0F:2D:B0:7A:
02:CC:9D:37:27:87:AE:6F:7F:F6:AC
签名算法名称: SHA256withRSA
#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: F4 64 61 81 5B 41 4F C4
6F D6 CE 66 6D 02 84 17
.da.[AO.o..fm...
是否信任此证书? [否]:
证书已添加到密钥库中
[正在存储D:\ssl\qproject.truststore]
注意3:-storetype BKS,是Android上面可以识别的格式。如果不指定,jdk默认生成的格式是JKS。 -provider org.bouncycastle.jce.provider.BouncyCastleProvider,需要下载jar包bcprov-jdk16-146.jar放到JDK_HOME\jre\lib\ext\目录下。 注意需要jdk16,其他的版本android下面有版本不匹配的问题;
生成客户端证书库
C:\Users\chengxiang.peng.QUNARSERVERS&keytool -genkeypair -alias qproject -keyalg RSA -storetype PKCS12 -keystore D:\ssl\qproject.p12 -dname &CN=www.qserver.com,OU=pengchengxiang,O=pengchengxiang,L=Beijing,ST=Beijing,c=cn& -storepass 123456 -keypass 123456 -validity 365
从客户端证书库中导出客户端证书
C:\Users\chengxiang.peng.QUNARSERVERS&keytool -export -v -alias qproject -keystore D:\ssl\qproject.p12 -storetype PKCS12 -storepass 123456 -rfc -file D:\ssl\qproject.cer
存储在文件
生成服务端信任证书库(使得服务器信任客户端证书)
C:\Users\chengxiang.peng.QUNARSERVERS&keytool -import -v -alias qproject -file D:\ssl\qproject.cer -keystore D:\ssl\tomcat.keystore -storepass 123456
所有者: CN=www.qserver.com, OU=pengchengxiang, O=pengchengxiang, L=Beijing, ST=Beijing, C=cn
发布者: CN=www.qserver.com, OU=pengchengxiang, O=pengchengxiang, L=Beijing, ST=Beijing, C=cn
序列号: 6313eac6
有效期开始日期: Sun Nov 06 18:26:42 CST 2016, 截止日期: Mon Nov 06 18:26:42 CST2017
MD5: F6:1B:DB:98:DF:64:5E:8C:77:F1:6F:A7:DC:5D:B3:EB
SHA1: 78:7F:C2:30:A5:A7:60:91:5C:3E:D4:01:F1:C3:5B:CC:3E:09:5B:2E
SHA256: 8F:84:4D:DD:E6:1A:E7:68:CA:08:07:CC:45:75:D2:2F:CA:03:33:C3:E6:
95:DF:3C:2F:37:8E:6F:39:3F:47:A3
签名算法名称: SHA256withRSA
#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
FF 0B 04 02 05 3F
AA E8 5B 68 7A B1 DF 22
v......?..[hz..&
是否信任此证书? [否]:
证书已添加到密钥库中
[正在存储D:\ssl\tomcat.keystore]
查看证书库中的全部证书(服务器密钥库,客户端密钥库和信任库)
C:\Users\chengxiang.peng.QUNARSERVERS&keytool -list -keystore D:\ssl\tomcat.keystore -storepass 123456
密钥库类型: JKS
密钥库提供方: SUN
您的密钥库包含 2 个条目
qproject, , trustedCertEntry,
证书指纹 (SHA1): 78:7F:C2:30:A5:A7:60:91:5C:3E:D4:01:F1:C3:5B:CC:3E:09:5B:2E
tomcat, , PrivateKeyEntry,
证书指纹 (SHA1): 6A:D5:5F:88:FE:DA:63:9C:A6:85:6E:47:6A:76:FA:C6:CE:D9:A4:BE
C:\Users\chengxiang.peng.QUNARSERVERS&keytool -list -keystore D:\ssl\qproject.p12 -storepass 123456
密钥库类型: JKS
密钥库提供方: SUN
您的密钥库包含 1 个条目
qproject, , PrivateKeyEntry,
证书指纹 (SHA1): 78:7F:C2:30:A5:A7:60:91:5C:3E:D4:01:F1:C3:5B:CC:3E:09:5B:2E
C:\Users\chengxiang.peng.QUNARSERVERS&keytool -list -keystore D:\ssl\qproject.truststore -storepass 123456 -storetype BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider
密钥库类型: BKS
密钥库提供方: BC
您的密钥库包含 1 个条目
tomcat, , trustedCertEntry,
证书指纹 (SHA1): 6A:D5:5F:88:FE:DA:63:9C:A6:85:6E:47:6A:76:FA:C6:CE:D9:A4:BE
运行完成后,D:\ssl\目录下生成如下文件:
qproject.cer:客户端证书;
qproject.p12:客户端密钥;
qproject.truststore:客户端信任证书库;
tomcat.cer:服务端证书;
tomcat.keysotre:服务端密钥和信任证书库;
3.Tomcat的配置(详细请查阅:https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html)
修改tomcat的配置文件${catalina.base}/conf/server.xml;
port:https访问的端口;
SSLEnabled:true,开启https服务;
scheme:https;
secure:true,开启服务端安全通信,客户端获取服务器端证书;
keystoreFile:D:\ssl\tomcat.keystore;
keystorePass:123456,服务器证书库密码;
clientAuth:true,开启验证客户端;
sslProtocol:TLS,使用的协议;
truststoreFile:D:\ssl\tomcat.keystore,服务器证书库(已导入客户端证书) ;
truststorePass:123456;
提示1:启动tomcat服务器,报错如下:
Caused by: java.io.IOException: Alias name tomcat does not identify a key entry
at org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:306)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:90)
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:245)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:839)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:558)
at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:65)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:1010)
... 13 more
处理1:检查你生成的服务器证书的-alias是否为tomcat
由于我们是在本机测试,并且在生成证书的时候CN配置了www.qserver.com,故我们在测试之前添加Hosts配置如下;
# httpstest
127.0.0.1 www.qserver.com
启动tomcat服务器,我们先用浏览器以get的方式测试下服务端https接口功能。访问成功!服务器接口修改完毕,接下来我们来修改客户端;
提示2:初次访问接口时,会出现如下错误:
处理2:由于服务器Https握手过程中,交换的证书不在浏览器信任的范围,故提示错误。
Internet选项-&内容-&证书-&受信任的根证书颁发机构-&导入-&tomcat.cer-&存入受信任的根证书颁发机构-&确认安装此证书;
4.客户端修改
添加项目目录asset,并在该目录下添加服务端验证客户端的证书qproject.p12,和客户端验证服务端的信任证书库qproject.truststore;
添加客户端https身份验证等相关逻辑;
HttpsHelper.java:
public class HttpsHelper {
//p12证书类型
private static final String KEY_STORE_TYPE_P12 = &PKCS12&;
//bks证书类型
private static final String KEY_STORE_TYPE_BKS = &bks&;
//客户端给服务器端认证的证书
private static final String KEY_STORE_QPRPJECT_PATH = &qproject.p12&;
//客户端验证服务器端的信任证书库
private static final String KEY_STORE_QPROJECTTRUST_PATH = &qproject.truststore&;
//客户端证书密码
private static final String KEY_STORE_PASSWORD = &123456&;
//客户端信任证书库密码
private static final String KEY_STORE_TRUST_PASSWORD = &123456&;
* 获取SSLContext
* @param context 上下文
* @return SSLContext
private static SSLContext getSSLContext(Context context) {
SSLContext sslContext =
//初始化服务器端需要验证的客户端证书-qprojectKeyStore、客户端信任的服务器端证书库-trustKeyStore
KeyStore qprojectKeyStore = KeyStore.getInstance(KEY_STORE_TYPE_P12);
KeyStore trustKeyStore = KeyStore.getInstance(KEY_STORE_TYPE_BKS);
InputStream qprojectInPutStream = context.getResources().getAssets().open(KEY_STORE_QPRPJECT_PATH);
InputStream trustInputStream = context.getResources().getAssets().open(KEY_STORE_QPROJECTTRUST_PATH);
qprojectKeyStore.load(qprojectInPutStream, KEY_STORE_PASSWORD.toCharArray());
trustKeyStore.load(trustInputStream, KEY_STORE_TRUST_PASSWORD.toCharArray());
} catch (Exception e) {
e.printStackTrace();
} finally {
qprojectInPutStream.close();
} catch (Exception e) {
e.printStackTrace();
trustInputStream.close();
} catch (Exception e) {
e.printStackTrace();
//初始化SSLContext上下文对象
sslContext = SSLContext.getInstance(&TLS&);
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustKeyStore);
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(&X509&);
keyManagerFactory.init(qprojectKeyStore, KEY_STORE_PASSWORD.toCharArray());
sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
} catch (Exception e) {
e.printStackTrace();
return sslC
* 获取HttpsURLConnection
* @param context 上下文
* @param url
* @param method
* @return HttpsURLConnection
public static HttpsURLConnection getHttpsURLConnection(Context context, String url, String method) {
HttpsURLConnection connection =
SSLContext sslContext = getSSLContext(context);
if (sslContext != null) {
u = new URL(url);
connection = (HttpsURLConnection) u.openConnection();
connection.setRequestMethod(method);//&POST& &GET&
connection.setDoOutput(true);
connection.setDoInput(true);
connection.setUseCaches(false);
connection.setSSLSocketFactory(sslContext.getSocketFactory());
connection.setConnectTimeout(30000);
//忽略请求域名和证书域名的校验
connection.setDefaultHostnameVerifier( new HostnameVerifier(){
public boolean verify(String string,SSLSession ssls) {
} catch (Exception e) {
e.printStackTrace();
NextActivity.java:修改获取HttpsURLConnection的方式,和域名https,其它不变
public class NextActivity extends AppCompatActivity {
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
* 执行登录Get请求
* @param userName 用户名
* @param passWorld 用户密码
private void doLoginGet(String userName, String passWorld) {
//修改获取HttpsURLConnection的方式,和域名https
String url = &https://192.168.1.103:8443/qserver/HttpsServlet?userName=& + userName + &&passWord=& + passW
HttpsURLConnection httpsURLConnection = HttpsHelper.getHttpsURLConnection(this,url,&GET&);
* 执行登录Post请求
* @param userName 用户名
* @param passWorld 用户密码
private void doLoginPost(String userName, String passWorld) {
提示1:在请求https接口的时候,报错如下:
11-06 17:53:36.244 /com.qunar.home W/System.err: java.io.IOException: Wrong version of key store.
11-06 17:53:36.245 /com.qunar.home W/System.err: at com.android.org.bouncycastle.jcajce.provider.keystore.bc.BcKeyStoreSpi.engineLoad(BcKeyStoreSpi.java:805)
11-06 17:53:36.245 /com.qunar.home W/System.err: at java.security.KeyStore.load(KeyStore.java:590)
11-06 17:53:36.245 /com.qunar.home W/System.err: at com.qunar.hotel.ssl.HttpsHelper.getSSLContext(HttpsHelper.java:46)
11-06 17:53:36.245 /com.qunar.home W/System.err: at com.qunar.hotel.ssl.HttpsHelper.getHttpsURLConnection(HttpsHelper.java:87)
11-06 17:53:36.245 /com.qunar.home W/System.err: at com.qunar.hotel.NextActivity.doLoginGet(NextActivity.java:83)
11-06 17:53:36.245 /com.qunar.home W/System.err: at com.qunar.hotel.NextActivity.access$300(NextActivity.java:27)
11-06 17:53:36.245 /com.qunar.home W/System.err: at com.qunar.hotel.NextActivity$2$1.run(NextActivity.java:67)
11-06 17:53:36.245 /com.qunar.home W/System.err: at java.lang.Thread.run(Thread.java:818)
处理:android系统只支持JKS默认证书格式,支持BKS,故生成客户端证书的时候使用DKS格式生成,见上面章节;
提示2:在请求https接口的时候,报错如下:
11-06 18:52:53.154 /com.qunar.home W/System.err: java.io.IOException: Hostname '192.168.1.103' was not verified
11-06 18:52:53.154 /com.qunar.home W/System.err: at com.android.okhttp.Connection.upgradeToTls(Connection.java:205)
11-06 18:52:53.155 /com.qunar.home W/System.err: at com.android.okhttp.Connection.connect(Connection.java:155)
11-06 18:52:53.155 /com.qunar.home W/System.err: at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:282)
11-06 18:52:53.155 /com.qunar.home W/System.err: at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:216)
11-06 18:52:53.155 /com.qunar.home W/System.err: at com.android.okhttp.internal.http.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:391)
11-06 18:52:53.155 /com.qunar.home W/System.err: at com.android.okhttp.internal.http.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:341)
11-06 18:52:53.155 /com.qunar.home W/System.err: at com.android.okhttp.internal.http.HttpURLConnectionImpl.getResponseCode(HttpURLConnectionImpl.java:509)
11-06 18:52:53.155 /com.qunar.home W/System.err: at com.android.okhttp.internal.http.DelegatingHttpsURLConnection.getResponseCode(DelegatingHttpsURLConnection.java:105)
11-06 18:52:53.155 /com.qunar.home W/System.err: at com.android.okhttp.internal.http.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:25)
11-06 18:52:53.155 /com.qunar.home W/System.err: at com.qunar.hotel.NextActivity.doLoginGet(NextActivity.java:84)
11-06 18:52:53.155 /com.qunar.home W/System.err: at com.qunar.hotel.NextActivity.access$300(NextActivity.java:27)
11-06 18:52:53.155 /com.qunar.home W/System.err: at com.qunar.hotel.NextActivity$2$1.run(NextActivity.java:67)
11-06 18:52:53.155 /com.qunar.home W/System.err: at java.lang.Thread.run(Thread.java:818)
处理:由于我们在测试环境,故请求url中使用了服务器的ip,到时和证书中的 CN(Common Name名字与姓氏)不匹配(在正式的环境不会有该问题)。那么我们默认跳过该认证或者在正式线使用线上的域名访问:
//忽略请求域名和证书域名的校验
connection.setDefaultHostnameVerifier( new HostnameVerifier(){
public boolean verify(String string,SSLSession ssls) {
5.tomcat修改
原来的connector配置只有加解密,现在加上服务端身份验证相关配置,修改server.xml文件如下:
clientAuth:启动客户端身份验证;
truststoreFile:服务端信任的客户端证书库;
truststorePass:信任证书库密码;
6.测试Https接口
安装app,并重新启动tomcat服务,使用Fiddler抓取https请求使用加密传输!
QProject:https://github.com/Pengchengxiang/QProject 分支:feature/https
QServer:https://github.com/Pengchengxiang/QServer 分支:feature/https
