BlackBerry 上的默认客户端证书
我正在尝试使用 https 连接到服务器,当我这样做时,它说连接需要客户端证书。如果我按“是”继续,我将收到 TLSAlertException。
连接代码如下所示:
SecureConnection con = (SecureConnection)Connector.open("ssl://url:443");
我查看了模拟器(以及设备上)上的证书,默认情况下没有任何客户端(个人)证书。我尝试过通过代码生成一个,但我不知道如何使其显示在手机上的个人证书下。
我发现 这个,但是没有一个选项非常适合在设备上获取个人证书。
那么,是否有可能在模拟器上获得个人证书,最好是通过代码?
如果我能够获得一个,SecureConnection 在连接到服务器时会自动使用它吗?
如果没有,是否有图书馆可以实现这项工作?
I'm trying to connect to a server using https and when I do it says that the connection requires a client certificate. If I press yes to continue I'll get a TLSAlertException.
The connection code looks something like:
SecureConnection con = (SecureConnection)Connector.open("ssl://url:443");
I've looked at the certificates on the simulator (and also on a device) and there aren't any client (personal) certificates by default. I've tried generating one through code but I don't know how to make it show up under the personal certificates on the phone.
I found this but none of the options are very desirable to get a personal certificate on the device.
So, is it possible to get a personal certificate on the simulator, ideally through code?
If I am able to get one will the SecureConnection use it automatically when connecting to the server?
If not are there libraries out there that can make this work?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
因此,经过更多挖掘后,我发现了 Bouncy Castle TLS API。长话短说,到目前为止它似乎有效,但我将列出我所经历的步骤,因为我在此过程中遇到了一些障碍。
您可以从 http://www.bouncycastle.org/ 下载源代码以及类文件的 zip 文件latest_releases.html。在“Sources and Javadoc”部分下有 J2ME 的链接。
首先,我尝试将 cldc_classes.zip 作为外部 JAR 添加到构建路径中。充气城堡代码的代码完成现在可以在 Eclipse 中运行。所以我启动了模拟器,但当我尝试启动应用程序时,它给了我“启动应用程序时出错:找不到模块'cldc_classes.zip'”。我四处搜索,发现问题是我需要选中构建路径设置的“订单和导出”选项卡上的复选框。哎呀!
因此,我检查了它并尝试再次运行,但在模拟器启动之前收到“错误:预验证器失败”。更多搜索显示我必须预先验证 zip 文件才能工作,这似乎很容易。
使用 preverify 工具会出现很多错误和警告,看起来它们与 java 包中类的重复创建有关。在 Bouncy Castle 常见问题解答中,他们提到了类似的内容并建议混淆代码。
我找到了一个 java 混淆器,经过一番摆弄就能够混淆这些类。尝试预验证,但再次失败...我不想了解更多关于预验证的知识,所以我决定只导入源文件。
其中一个依赖ArrayList的包出现了错误,但似乎没有必要,我就把它删除了。尝试运行它时出现有关“重复属性不匹配:'MIDlet-name'”的错误。其中一个软件包中有一个 .jad 文件,我将其删除以消除错误。测试包也可以被删除而不会产生任何后果。
现在尝试运行我收到“Eclipse I/O 错误:无法运行程序“jar”:CreateProcess error=2”。一些搜索显示我需要将 java jdk bin 文件夹(例如 C:\Program Files\Java\jdk\bin)添加到 PATH 环境变量中。
最后我能够运行并且能够成功连接、发送和接收数据。可能有一种更好/更简单的方法来在项目中使用充气城堡罐子,既然我知道代码确实有效,我可能会考虑这样做。下面是一些连接的示例代码。
So after doing some more digging I found the Bouncy Castle TLS API. Long story short it seems to be working so far, but I'm going to list the steps I went through because I hit a few snags along the way.
You can download the source as well as the zips of the class files from http://www.bouncycastle.org/latest_releases.html. Under the "Sources and Javadoc" section there are links for J2ME.
First I tried to add the cldc_classes.zip as an external JAR to the build path. Code completion for the bouncy castle code was working in Eclipse now. So I started the simulator but when I tried to start the app it gave me "Error starting app: Module 'cldc_classes.zip' not found." I searched around and discovered the problem was that I needed to check the box on the "Order and Export" tab of the Build Path setup. Oops!
So I checked it and tried to run again but got an "Error: preverifier failed" before the simulator even launched. Some more searching revealed I had to preverify the zip file for it to work which seemed like it would be easy enough.
Using the preverify tool gave lots of errors and warnings that looked like they had something to do with the duplicate creation of classes in the java package. On the Bouncy Castle FAQs they mentioned something like this and suggested obfuscating the code.
I found a java obfuscator and after a bit of fiddling was able to obfuscate the classes. Tried to preverify and it failed again... I didn't want to learn more than I had to about preverifying so I decided to just import the source files.
One of the packages had errors relying on ArrayList, but it didn't seem to be necessary and I just deleted it. Attempting to run it there was an error about "duplicate attribute mismatch: 'MIDlet-name'". There was a .jad file in one of the packages that had this which I deleted to get rid of the error. The test packages could also be deleted without consequence.
Trying to run now I got "Eclipse I/O Error: Cannot run program "jar": CreateProcess error=2". Some searching revealed that I needed to add java jdk bin folder (something like C:\Program Files\Java\jdk\bin) to the PATH environment variable.
Finally I was able to run and I'm able to connect, send and receive data successfully. There is probably a better/easy way to use the bouncy castle jars in a project and I may look into doing that now that I know the code actually works. Below is some sample code for the connection.