如何在 Android 中使用 IMAP over SSL 连接到邮件服务器？

发布于 2024-11-14 19:53:07 字数 823 浏览 5 评论 0原文

我需要与 MailServer （自定义邮件服务器）建立连接。每当我尝试连接时，它都会抛出 javax.net.SSLException，不受信任的服务器证书异常。

我不知道如何为此创建证书。并且也不知道如何通过该证书来与邮件服务器建立安全连接。

我的代码是：

Properties props;// = new Properties();
            Session session;

            props=new Properties();

            props.put("mail.imap.socketFactory.port", "993");   
            props.put("mail.imap.socketFactory.class",   
                    "javx.net.ssl.SSLSocketFactory");   
            session=Session.getDefaultInstance(props, null);
            Store store = session.getStore("imaps");
            store.connect(hostName,portNumber, emailId,password);
            //the above statement throws the Exception    
            Folder folder = store.getFolder("INBOX");

我想知道如何为 Android 应用程序创建自签名证书。

原文

I need to establish the Connection with MailServer (Custom Mail server). Whenever I tried to connect it throws the javax.net.SSLException, Not trusted server certificate exception.

I don,t know how to create the certificate for this. And also don't know to pass that certificate to make the secure connection with mail server.

My Code is:

Properties props;// = new Properties();
            Session session;

            props=new Properties();

            props.put("mail.imap.socketFactory.port", "993");   
            props.put("mail.imap.socketFactory.class",   
                    "javx.net.ssl.SSLSocketFactory");   
            session=Session.getDefaultInstance(props, null);
            Store store = session.getStore("imaps");
            store.connect(hostName,portNumber, emailId,password);
            //the above statement throws the Exception    
            Folder folder = store.getFolder("INBOX");

I'd like to know how to create a self-signed certificate for an Android application.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

此岸叶落 2024-11-21 19:53:07

创建自签名证书并不能解决您的问题，事实上您正在连接的服务器正在使用自签名证书，从而导致了您所看到的错误。

您要么需要购买受信任的证书并将其安装在邮件服务器上（这可能超出您的控制范围），要么需要更改 javamail 的行为以接受未经认可的机构签名的证书。

看看我对 android javamail api imap over ssl 这可能会帮助您实现第二个选项。

回复收藏 0 原文

骄兵必败 2024-11-21 19:53:07

未知证书的问题是 Java 中的一个已知问题。如果本地密钥库中没有正确的证书，您将无法直接连接到 HTTPS 服务器。

话虽这么说，我在我的一个应用程序中有一个 Apache HTTP 客户端的覆盖子句（与 Android 中使用的相同），您可以从那里开始并在其基础上构建以使其在 Android 上运行，

ClientConnectionManager cm = new SingleClientConnManager(params,     
    HttpsSecurityOverride.createAllowAllSchemeRegistry());
httpClient = new DefaultHttpClient(cm, params);

并且 HttpsSecurityOverride 类如下：

package net.milanaleksic.cuc.tools.async.http;

import java.io.IOException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;

import javax.net.ssl.*;

import org.apache.http.conn.scheme.*;
import org.apache.http.conn.ssl.X509HostnameVerifier;

public class HttpsSecurityOverride {

    private static SchemeRegistry allowAllSchemeRegistry = null;

    private static class AllowAllTrustManager implements X509TrustManager {

        @Override public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[] {};
        }

        @Override public void checkClientTrusted(X509Certificate[] certs, String authType) {
        }

        @Override public void checkServerTrusted(X509Certificate[] certs, String authType) {
        }
    }

    private static class AllowAllHostnameVerifier implements X509HostnameVerifier {

        @Override public void verify(String arg0, SSLSocket arg1) throws IOException {
        }

        @Override public void verify(String arg0, X509Certificate arg1) throws SSLException {
        }

        @Override public void verify(String arg0, String[] arg1, String[] arg2) throws SSLException {
        }

        @Override public boolean verify(String arg0, SSLSession arg1) {
            return true;
        }

    }

    public static SchemeRegistry createAllowAllSchemeRegistry() throws Exception {
        synchronized (HttpsSecurityOverride.class) {
            if (allowAllSchemeRegistry != null)
                return allowAllSchemeRegistry;

            SSLContext sslContext = SSLContext.getInstance("SSL");

            // set up a TrustManager that trusts everything
            sslContext.init(null, new TrustManager[] { new AllowAllTrustManager() }, new SecureRandom());

            org.apache.http.conn.ssl.SSLSocketFactory sf = new org.apache.http.conn.ssl.SSLSocketFactory(sslContext);
            sf.setHostnameVerifier(new AllowAllHostnameVerifier());
            Scheme httpsScheme = new Scheme("https", sf, 443);
            allowAllSchemeRegistry = new SchemeRegistry();
            allowAllSchemeRegistry.register(httpsScheme);

            return allowAllSchemeRegistry;
        }
    }

}

祝你好运！

The problem with unknown certificates is a known problem in Java. You can't just connect to an HTTPS server without having a correct certificate in your local keystore.

That being said, I have in one of my application an override clause for Apache HTTP Client (same thing being used in Android), you can maybe start from there and build on it to get it running on Android

ClientConnectionManager cm = new SingleClientConnManager(params,     
    HttpsSecurityOverride.createAllowAllSchemeRegistry());
httpClient = new DefaultHttpClient(cm, params);

and the HttpsSecurityOverride class is as follows:

package net.milanaleksic.cuc.tools.async.http;

import java.io.IOException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;

import javax.net.ssl.*;

import org.apache.http.conn.scheme.*;
import org.apache.http.conn.ssl.X509HostnameVerifier;

public class HttpsSecurityOverride {

    private static SchemeRegistry allowAllSchemeRegistry = null;

    private static class AllowAllTrustManager implements X509TrustManager {

        @Override public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[] {};
        }

        @Override public void checkClientTrusted(X509Certificate[] certs, String authType) {
        }

        @Override public void checkServerTrusted(X509Certificate[] certs, String authType) {
        }
    }

    private static class AllowAllHostnameVerifier implements X509HostnameVerifier {

        @Override public void verify(String arg0, SSLSocket arg1) throws IOException {
        }

        @Override public void verify(String arg0, X509Certificate arg1) throws SSLException {
        }

        @Override public void verify(String arg0, String[] arg1, String[] arg2) throws SSLException {
        }

        @Override public boolean verify(String arg0, SSLSession arg1) {
            return true;
        }

    }

    public static SchemeRegistry createAllowAllSchemeRegistry() throws Exception {
        synchronized (HttpsSecurityOverride.class) {
            if (allowAllSchemeRegistry != null)
                return allowAllSchemeRegistry;

            SSLContext sslContext = SSLContext.getInstance("SSL");

            // set up a TrustManager that trusts everything
            sslContext.init(null, new TrustManager[] { new AllowAllTrustManager() }, new SecureRandom());

            org.apache.http.conn.ssl.SSLSocketFactory sf = new org.apache.http.conn.ssl.SSLSocketFactory(sslContext);
            sf.setHostnameVerifier(new AllowAllHostnameVerifier());
            Scheme httpsScheme = new Scheme("https", sf, 443);
            allowAllSchemeRegistry = new SchemeRegistry();
            allowAllSchemeRegistry.register(httpsScheme);

            return allowAllSchemeRegistry;
        }
    }

}

Good luck!

回复收藏 0 原文

~没有更多了~