Android Build HTTPS Server

On Android on the server with the HTTP protocol, the demand is a little wonderful, not to use HTTPS more drunk. Only one-way HTTPS authentication is required here, not two-way authentication.

This article uses the Open source framework nanohttpd (HTTPS://GITHUB.COM/NANOHTTPD/NANOHTTPD), which is imported locally on the release page of the download jar package.

The use of Nano is relatively simple, integrated nanohttpd This class, the serve function can be overloaded.

The emphasis here is on the use of HTTPS, which may be a bit of a hassle. The following details are explained

public class Centerservice extends service{private static final String TAG = CenterService.class.getSimpleName ();    private static final int server_port = 4567;    Soudboxserver Soudboxserver;        @Override public void OnCreate () {super.oncreate ();        Soudboxserver = new Soudboxserver (server_port,this);        LOG.I (TAG, "Create Server"); New Thread (New Runnable () {@Override public void run () {try {Lo                    G.I (TAG, "Server thread Start");                    Createmysslfactory ();                    Soudboxserver.start ();                        try {Long start = System.currenttimemillis ();                        Thread.Sleep (100L);                            while (!soudboxserver.wasstarted ()) {thread.sleep (100L);       if (System.currenttimemillis ()-Start > a) {assert.fail ("Could not start server");                     }}} catch (Interruptedexception e) {}                LOG.I (TAG, "server Start");                } catch (IOException e) {e.printstacktrace ();                } catch (Certificateexception e) {e.printstacktrace ();                } catch (NoSuchAlgorithmException e) {e.printstacktrace ();                } catch (Unrecoverablekeyexception e) {e.printstacktrace ();                } catch (Keystoreexception e) {e.printstacktrace ();                } catch (Keymanagementexception e) {e.printstacktrace ();    }}). Start ();    } @Nullable @Override public ibinder onbind (Intent Intent) {return null; } @Override public int onstartcommand (Intent Intent, int flags, int. Startid) {return Super.onstartcommand (in   Tent, flags, Startid); } @Override public void OnDestroy () {Super.ondestroy ();        if (null! = Soudboxserver) {soudboxserver.stop ();    }} private static final String keystore_pwd = "Ssltest"; private void Createmysslfactory () throws NoSuchAlgorithmException, Keystoreexception, IOException,        Unrecoverablekeyexception, Keymanagementexception, certificateexception {inputstream InputStream = null;        Select the version of the security protocol Sslcontext CTX = Sslcontext.getinstance ("TLS");        Keymanagerfactory keymanagers = keymanagerfactory.getinstance (Keymanagerfactory.getdefaultalgorithm ());        InputStream = Getresources (). Openrawresource (R.raw.test);        Select the KeyStore storage type, Andorid only support BKS KeyStore KS = keystore.getinstance ("BKS");        Ks.load (InputStream, Keystore_pwd.tochararray ());        Keymanagers.init (KS, Keystore_pwd.tochararray ());        Ctx.init (keymanagers.getkeymanagers (), NULL, NULL); Sslserversocketfactory serversocketfactory = Ctx.getserveRsocketfactory ();    Soudboxserver.makesecure (Serversocketfactory,null); }}

The above code can not be used directly, understand the meaning is good. It's a step-by-step explanation about the Createmyssfactory function.

Step one: Generate a certificate

Android only supports BKS format certificate, if the default Keytool tool generated by the JKS format , in the case of the above can not run through.

First click Next to download Http://www.bouncycastle.org/download/bcprov-ext-jdk15on-155.jar

and put it in the%java_home%\jre\lib\ext directory.

Locate%java_home%\jre\lib\security\java.security This file, edit it, and add the following:

Security.provider.11=org.bouncycastle.jce.provider.bouncycastleprovider

via cmd command line input:keytool-genkey-keystore test.keystore-keyalg rsa-keypass ssltest-storepass ssltest-storetype Bks-pro Vider Org.bouncycastle.jce.provider.BouncyCastleProvider

-keystore is followed by the name of the generated file.

-keypass is a password that is set (the official word is to change the store password of the KeyStore)

--storepass is a password that is set (the official statement is the key password for the purpose of changing the bar)

After the above command, you can generate a Test.keystore file, which can be viewed by the following command:

Keytool-list-v-keystore test.keystore-storepass Ssltest-storetype BKS

As follows:

Step two: Place the generated Test.keystore in the raw directory of the resource

All information on SSL is described in detail on the official website:

Http://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/JSSERefGuide.html#Debug

Then use the most recently started to paste out the code, the pro-test is feasible.

Android Build HTTPS Server