これをデバッグする方法がわかりません。しばらくの間これを行っていましたが、ポインタをいただければ幸いです。
Android アプリと Nodejs サーバー間の ssl/tls 認証を試しています。Android アプリを実行すると、次のエラー メッセージが表示されます。
10-31 23:33:58.260: D/ExampleActivity(26199): Response code: 401
10-31 23:34:05.901: W/DefaultRequestDirector(26199): Authentication error: Unable to respond to any of these challenges: {}
クライアント認証の部分をコメントアウトし、基本的な SSL 認証を機能させようとしていることに注意してください。それでも同じ警告/エラーが表示されます。
NodeJ - Server.js
var https = require('https'),
fs = require('fs');
var options = {
key: fs.readFileSync('certs/server_key.pem'),
cert: fs.readFileSync('certs/server.pem'),
// ca: [fs.readFileSync('certs/client.pem')],
passphrase: '33333',
// requestCert: true,
// rejectUnauthorized: false
};
https.createServer(options, function (req, res) {
if (req.client.authorized) {
res.writeHead(200, {"Content-Type": "application/json"});
res.end('{"status":"approved"}');
} else {
res.writeHead(401, {"Content-Type": "application/json"});
res.end('{"status":"denied"}');
}
}).listen(8000);
アンドロイド
public class SecureHttpClient extends DefaultHttpClient {
private String ks = "11111";
private String ts = "22222";
private Context context;
public SecureHttpClient(final Context context) {
super();
this.context = context;
}
@Override
protected ClientConnectionManager createClientConnectionManager() {
SchemeRegistry registry = new SchemeRegistry();
SSLSocketFactory factory = newSslSocketFactory();
factory.setHostnameVerifier((X509HostnameVerifier) SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
registry.register(new Scheme("https", factory, 443));
HttpParams httpParams = new BasicHttpParams();
return new SingleClientConnManager(httpParams, registry);
}
private SSLSocketFactory newSslSocketFactory() {
try {
KeyStore keyStore = KeyStore.getInstance("BKS");
KeyStore trustStore = KeyStore.getInstance("BKS");
InputStream inKey= context.getResources().openRawResource(R.raw.client);
InputStream inTrust = context.getResources().openRawResource(R.raw.clienttruststore);
try {
keyStore.load(inKey, ks.toCharArray());
trustStore.load(inTrust, ts.toCharArray());
} finally {
inKey.close();
inTrust.close();
}
return new SSLSocketFactory(trustStore);
} catch (Exception e) {
throw new AssertionError(e);
}
}
}
// 主な活動
public class MainActivity extends Activity {
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
setStrictMode();
final HttpClient client = new SecureHttpClient(this);
// Provide ip or address to where your test server is runnning
final HttpGet request = new HttpGet("https://192.168.0.105:8000/");
HttpResponse response = null;
try {
response = client.execute(request);
} catch (ClientProtocolException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
Log.d("ExampleActivity", "Response code: " + response.getStatusLine().getStatusCode());
}
@TargetApi(9)
private void setStrictMode() {
StrictMode.ThreadPolicy policy = new StrictMode.ThreadPolicy.Builder().permitAll().build();
StrictMode.setThreadPolicy(policy);
}
@Override
public boolean onCreateOptionsMenu(Menu menu) {
getMenuInflater().inflate(R.menu.activity_main, menu);
return true;
}
}