標籤:cat 匯入 com nan raw 架構 put runnable gem
在android上採用http協議的伺服器,需求有點奇葩,非要用https更是醉了。這裡只要求單向https認證,不要雙向認證。
本文採用的開源架構Nanohttpd( https://github.com/NanoHttpd/nanohttpd ),在release頁面下載jar包本地進行匯入.
Nano的使用比較簡單,整合NanoHTTPD這個類,對serve函數進行重載即可。
這裡強調使用是https,這個可能比較的麻煩。下面詳細進行說明
public class CenterService extends Service{ private static final String TAG = CenterService.class.getSimpleName(); private static final int SERVER_PORT = 4567; SoudboxServer soudboxServer; @Override public void onCreate() { super.onCreate(); soudboxServer = new SoudboxServer(SERVER_PORT,this); Log.i(TAG,"create server"); new Thread(new Runnable() { @Override public void run() { try { Log.i(TAG,"server thread start "); createMySSLFactory(); soudboxServer.start(); try { long start = System.currentTimeMillis(); Thread.sleep(100L); while (!soudboxServer.wasStarted()) { Thread.sleep(100L); if (System.currentTimeMillis() - start > 2000) { Assert.fail("could not start server"); } } } catch (InterruptedException e) { } Log.i(TAG,"server start"); } catch (IOException e) { e.printStackTrace(); } catch (CertificateException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (UnrecoverableKeyException e) { e.printStackTrace(); } catch (KeyStoreException e) { e.printStackTrace(); } catch (KeyManagementException e) { e.printStackTrace(); } } }).start(); } @Nullable @Override public IBinder onBind(Intent intent) { return null; } @Override public int onStartCommand(Intent intent, int flags, int startId) { return super.onStartCommand(intent, flags, startId); } @Override public void onDestroy() { super.onDestroy(); if(null != soudboxServer){ soudboxServer.stop(); } } private static final String KEYSTORE_PWD = "ssltest"; private void createMySSLFactory() throws NoSuchAlgorithmException, KeyStoreException, IOException, UnrecoverableKeyException, KeyManagementException, CertificateException { InputStream inputStream = null; //選擇安全性通訊協定的版本 SSLContext ctx = SSLContext.getInstance("TLS"); KeyManagerFactory keyManagers = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); inputStream = getResources().openRawResource(R.raw.test); //選擇keystore的儲存類型,andorid只支援BKS KeyStore ks = KeyStore.getInstance("BKS"); ks.load(inputStream, KEYSTORE_PWD.toCharArray()); keyManagers.init(ks, KEYSTORE_PWD.toCharArray()); ctx.init(keyManagers.getKeyManagers(), null, null); SSLServerSocketFactory serverSocketFactory = ctx.getServerSocketFactory(); soudboxServer.makeSecure(serverSocketFactory,null); }}
步驟一:產生認證
android 上面只支援BKS格式的認證,如果採用預設的Keytool工具產生的JKS格式的,在上面的情況下就跑不通的。
首先到點擊下個下載 http://www.bouncycastle.org/download/bcprov-ext-jdk15on-155.jar
然後將其放到%JAVA_HOME%\jre\lib\ext這個目錄下
找到%JAVA_HOME%\jre\lib\security\java.security這個檔案,進行編輯,加入以下內容:
security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider
通過cmd命令列輸入:keytool -genkey -keystore test.keystore -keyalg RSA -keypass ssltest -storepass ssltest -storetype BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider
-keystore 後面接的是組建檔案的名字
-keypass 是設定的一個密碼(官方說法是更改密鑰庫的儲存口令)
--storepass 是設定的一個密碼(官方說法是更改條目的的密鑰口令)
經過上面的命令後,可以產生一個test.keystore的檔案,可以通過下面的命令進行查看:
keytool -list -v -keystore test.keystore -storepass ssltest -storetype BKS
如下:
步驟二:將產生的test.keystore放在資源的raw目錄下
關於SSL的所有資訊官網上有詳細說明:
http://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/JSSERefGuide.html#Debug
然後再使用最剛開始貼出來代碼即可,親測可行。
android 搭建https Server
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
