问题描述

我有一个使用 SignalR 的网站.下面的代码(取自 SignalR-Chat 示例)使用经过验证的 SSL 连接到生产站点.它使用来自 SignalR/java-client 的 jars.

I have a site which uses SignalR. The code below (taken from SignalR-Chat example) connects to the production site with its verified SSL. It uses the jars from SignalR/java-client.

但对于开发，我需要使用 IIS Express 和本地 SSL 连接到托管在我的计算机上的 VS 项目，我的 Nexus 无法也不应该验证，我收到以下错误:

But for development I need to connect to a the VS project which is hosted on my computer with IIS Express and a local SSL which my Nexus can't and not supposed to verify, and I get the following errors:

08-17 16:13:55.540    2153-6860//System.out﹕ HubConnection: Error executing request: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
08-17 16:13:55.541    2153-6859//System.err﹕ java.util.concurrent.ExecutionException: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

我已经在防火墙中打开了相关端口，我可以通过 Rest 请求访问 IIS Express.

I already opened the relevant ports in the firewall and I can reach the IIS Express with Rest requests.

代码如下:

public class gtSockets {

    public static final String URL = myUrl + "/signalr/hubs/";

    HubConnection connection;
    HubProxy hub;

    DemonThread thread;

    private Context context;

    private static gtSockets gtSockets;

    private gtSockets(Context context) {
        this.context = context;

        initConnection();
    }

    public static gtSockets newInstance(Context context) {
        if(gtSockets == null) {
            gtSockets = new gtSockets(context);
        }
        return gtSockets;
    }

    private void initConnection() {
        Platform.loadPlatformComponent(new AndroidPlatformComponent());


        connection = new HubConnection(URL, null, true, new Logger() {
            @Override
            public void log(String s, LogLevel logLevel) {

            }
        });


        hub = connection.createHubProxy("myHub");


        hub.on("broadcastMessage", new SubscriptionHandler2<String, String>() {
            @Override
            public void run(String msgType, String msg) {

            }
                }, String.class,String.class);

        thread = new DemonThread();
        thread.start();
    }

    public void destroy() {
        if(thread != null) {
            thread.cancel();
            thread = null;
        }

        if(connection != null) {
            connection.stop();
        }
    }


    private class MessageSendTask extends AsyncTask<String,String,String> {
        @Override
        protected String doInBackground(String... params) {
            hub.invoke("send","directory",params[1]);
            return "ok";
        }
    }

    private class DemonThread extends Thread {

        boolean isRunning = true;

        @Override
        public void run() {
            SignalRFuture<Void> awaitConnection = connection.start();
            while(isRunning) {
                try {
                    awaitConnection.get();
                } catch (InterruptedException | ExecutionException e){
                    e.printStackTrace();
                }
            }
            awaitConnection.cancel();
        }

        public void cancel() {
            if(isRunning) {
                isRunning = false;
            }
        }
    }
}

问题是如何设置 SignalR 以忽略 SSL 开发问题?！

The questions is how can I set SignalR to ignore SSL issues for development?!

谢谢.

推荐答案

如果只是为了开发，我想你可以参考下面的代码(在SO中有):

If just for development, I think you can refer the following code (available in SO):

public class HttpsTrustManager implements X509TrustManager {
    private static TrustManager[] trustManagers;
    private static final X509Certificate[] _AcceptedIssuers = new X509Certificate[] {};

    @Override
    public void checkClientTrusted(
        X509Certificate[] x509Certificates, String s)
    throws java.security.cert.CertificateException {}

    @Override
    public void checkServerTrusted(
        X509Certificate[] x509Certificates, String s)
    throws java.security.cert.CertificateException {}

    public boolean isClientTrusted(X509Certificate[] chain) {
        return true;
    }

    public boolean isServerTrusted(X509Certificate[] chain) {
        return true;
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return _AcceptedIssuers;
    }

    public static void allowAllSSL() {
        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {

            @Override
            public boolean verify(String arg0, SSLSession arg1) {
                return true;
            }

        });

        SSLContext context = null;
        if (trustManagers == null) {
            trustManagers = new TrustManager[] {
                new HttpsTrustManager()
            };
        }

        try {
            context = SSLContext.getInstance("TLS");
            context.init(null, trustManagers, new SecureRandom());
        } catch (NoSuchAlgorithmException | KeyManagementException e) {
            e.printStackTrace();
        }

        HttpsURLConnection.setDefaultSSLSocketFactory(context != null ? context.getSocketFactory() : null);
    }
}

然后在您的 Activity 中，在 SignalR 方法调用之前调用 HttpsTrustManager.allowAllSSL();.

Then in your Activity, call HttpsTrustManager.allowAllSSL(); before SignalR methods call.

这篇关于如何在 Android Studio 中设置 SignalR 以忽略 SSL 问题以进行开发的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持编程学习网！