wrong version keystore when doing https call

2019-02-16 10:35发布

Hello fellow android coders.

I'm trying to do a https secure call from my android code. The call goes fine on the emulator but on the actual Samsung Galaxy device I get a SSL error.

I used crazy bobs method for handling the cetificate. Here is crazy bobs link: http://blog.crazybob.org/2010/02/android-trusting-ssl-certificates.html.

Problem is I get an error: "wrong version of keystore" inside the custom SSLSocketFactory object.

Any suggestions on what to do to fix this? Thanks.

3条回答
Ridiculous、
2楼-- · 2019-02-16 10:48

An easy alternative is to use Portecle to generate the BKS:

  1. Download Boucycastle Provider 1.46
  2. Replace bcprov.jar in your Portecle install directory (example: C:\Program Files (x86)\Portecle\bcprov.jar). Same naming is required.
  3. Restart Portecle and generate your BKS truststore.

Remark: For me the issue was on Android 4.0.3 and that fixed it.

More explanations here.

查看更多
老娘就宠你
3楼-- · 2019-02-16 10:50

In case anyone stumbles upon this and @Jcs excellent answer does not solve it: I experienced exactly the same issues, and it turned out I didn't install the SSL certificates on my web server correctly. I got the idea when using digicert's SSL testing tool: My certificate provider used the common practice of signing server certificates with an intermediate CA. After installing the certificate chain (which links the issuer's intermediate CA to their root CA), everything worked fine.

查看更多
冷血范
4楼-- · 2019-02-16 10:55

Did you create your keystore with the Bouncy Castle format? All these 3 parameters are mandatory when creating the keystore with keytool (and especially the keystore type must be BKS):

  -storetype BKS
  -provider org.bouncycastle.jce.provider.BouncyCastleProvider
  -providerpath /path/to/bouncycastle.jar

Android uses version 1.46 of bouncycastle, make sure you use this version when creating your keystore Version 1.46 is found here

查看更多
登录 后发表回答