如果我将目标SDK切换为24,我会收到以下错误:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValIDatorException: Trust anchor for certification path not found. at com.androID.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:361) at androID.net.SSLCertificateSocketFactory.verifyHostname(SSLCertificateSocketFactory.java:198) at androID.net.SSLCertificateSocketFactory.createSocket(SSLCertificateSocketFactory.java:443) at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:394) at org.apache.http.impl.conn.DefaultClIEntConnectionoperator.openConnection(DefaultClIEntConnectionoperator.java:170) at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:169) at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:124) at org.apache.http.impl.clIEnt.DefaultRequestDirector.execute(DefaultRequestDirector.java:366) at org.apache.http.impl.clIEnt.AbstracthttpClIEnt.execute(AbstracthttpClIEnt.java:560) at org.apache.http.impl.clIEnt.AbstracthttpClIEnt.execute(AbstracthttpClIEnt.java:492) at com.worklight.wlclIEnt.WLRequestSender.run(WLRequestSender.java:47) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607) at java.lang.Thread.run(Thread.java:761) Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValIDatorException: Trust anchor for certification path not found. at com.androID.org.conscrypt.TrustManagerImpl.verifyChain(TrustManagerImpl.java:563) at com.androID.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:444) at com.androID.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:508) at com.androID.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:508) at com.androID.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:401) at com.androID.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:375) at com.androID.org.conscrypt.TrustManagerImpl.getTrustedChainForServer(TrustManagerImpl.java:304) at androID.security.net.config.NetworkSecurityTrustManager.checkServerTrusted(NetworkSecurityTrustManager.java:94) at androID.security.net.config.RoottrustManager.checkServerTrusted(RoottrustManager.java:88) at com.androID.org.conscrypt.Platform.checkServerTrusted(Platform.java:178) at com.androID.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:596) at com.androID.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method) at com.androID.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:357) ... 13 more Caused by: java.security.cert.CertPathValIDatorException: Trust anchor for certification path not found.
切换回23,它再次起作用.
关于证书的最低要求,24有什么变化吗?
By default secure (e.g. TLS,httpS) connections from all apps trust the pre-installed system CAs,and apps targeting API level 23 (AndroID M) and below also trust the user-added CA store by default.
(自the network security configuration docs起)
要解决此问题,您需要定义network security configuration XML资源:
<?xml version="1.0" enCoding="utf-8"?><network-security-config> <base-config> <trust-anchors> <certificates src="system"/> <certificates src="user"/> </trust-anchors> </base-config></network-security-config>
然后,从< application>中的androID:networkSecurityConfig属性指向该XML资源.清单中的元素.
通常,AndroID 7.0通过网络安全配置子系统(androID.security.net.config.RoottrustManager和来自堆栈跟踪的亲属)路由httpS.此处引入的其他兼容性问题可能与targetSdkVersion相关联.因此,如果缺少用户证书不是您的问题,并且您可以创建一个再现问题的示例项目,file an issue.由于我维护a backport of that stuff,我将有兴趣了解任何错误. 总结
以上是内存溢出为你收集整理的Android是否更改了API 24中的SSL配置?全部内容,希望文章能够帮你解决Android是否更改了API 24中的SSL配置?所遇到的程序开发问题。
如果觉得内存溢出网站内容还不错,欢迎将内存溢出网站推荐给程序员好友。
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)