Hostname was not verified ANDROID

2020-04-20 00:09发布

问题:

I am using ksoap lib to call the webservice . In some cases service run correctly but in a case it gives Host name was not verified below is my code for calling webservice.

 HttpTransportSE httpTransport = new HttpTransportSE(URL, MessageConstant.TIMEOUT_TIME);
            httpTransport.debug = true; // this is optional, use it if you don't want to use a packet sniffer to check what the sent message was (httpTransport.requestDump)
            httpTransport.call(SOAP_ACTION, envelope); // send request

here is my log cat for the same

java.io.IOException: Hostname 'XXX.XX.XXX.XXX' was not verified
at libcore.net.http.HttpConnection.verifySecureSocketHostname(HttpConnection.java:223)
at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:446)
at libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:289)
at libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:239)
at libcore.net.http.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:80)
at libcore.net.http.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:165)
at org.ksoap2.transport.ServiceConnectionSE.connect(ServiceConnectionSE.java:76)
at org.ksoap2.transport.HttpTransportSE.call(HttpTransportSE.java:152)
at org.ksoap2.transport.HttpTransportSE.call(HttpTransportSE.java:95)

回答1:

This link has several possible causes; none of the responses were marked "accepted":

  • java.io.IOException: Hostname was not verified

You should also look here:

  • http://developer.android.com/training/articles/security-ssl.html

One reason this can happen is due to a server configuration error. The server is configured with a certificate that does not have a subject or subject alternative name fields that match the server you are trying to reach. It is possible to have one certificate be used with many different servers.

For example, looking at the google.com certificate with openssl s_client -connect google.com:443 | openssl x509 -text you can see that a subject that supports *.google.com but also subject alternative names for *.youtube.com, *.android.com, and others. The error occurs only when the server name you are connecting to isn't listed by the certificate as acceptable.



回答2:

Verify your host as

   HttpsURLConnection.setDefaultHostnameVerifier(new HostVerifier());


 public class HostVerifier implements HostnameVerifier {

@Override
public boolean verify(String hostname, SSLSession session) {
    Log.i(TAG, "HOST NAME " + hostname);
    if (hostname.contentEquals("XXX.XX.XXX.XXX")) {
        Log.i(TAG, "Approving certificate for host " + hostname);
        return true;
    }
    return false;
 }
}