Trouble connecting to a socket.io 0.9.x server #219

Open
piovezan opened this issue Aug 6, 2014 · 0 comments

piovezan commented Aug 6, 2014

I'm having trouble trying to connect to a socket.io 0.9.16 server with a self-signed certificate created according to here using the latest (86079517f2a9b1c5e509e504c2a8ff96bf3fbc76) commit on Android 4.0.3. Maybe I'm doing something wrong since I have already tried Gottox socket.io java client with required workarounds without success, so please be patient if I'm making some mistake.

A puzzling exception is thrown:

javax.net.ssl.SSLException
at com.koushikdutta.async.AsyncSSLSocketWrapper$2.onCompleted(AsyncSSLSocketWrapper.java:107)
at com.koushikdutta.async.AsyncNetworkSocket.reportClose(AsyncNetworkSocket.java:198)
at com.koushikdutta.async.AsyncNetworkSocket.close(AsyncNetworkSocket.java:206)
at com.koushikdutta.async.AsyncSSLSocketWrapper.report(AsyncSSLSocketWrapper.java:438)
at com.koushikdutta.async.AsyncSSLSocketWrapper.write(AsyncSSLSocketWrapper.java:369)
at com.koushikdutta.async.AsyncSSLSocketWrapper.handleHandshakeStatus(AsyncSSLSocketWrapper.java:247)
at com.koushikdutta.async.AsyncSSLSocketWrapper.access$000(AsyncSSLSocketWrapper.java:30)
at com.koushikdutta.async.AsyncSSLSocketWrapper$4.onDataAvailable(AsyncSSLSocketWrapper.java:191)
at com.koushikdutta.async.BufferedDataEmitter.onDataAvailable(BufferedDataEmitter.java:33)
at com.koushikdutta.async.BufferedDataEmitter.onDataAvailable(BufferedDataEmitter.java:61)
at com.koushikdutta.async.Util.emitAllData(Util.java:20)
at com.koushikdutta.async.AsyncNetworkSocket.onReadable(AsyncNetworkSocket.java:175)
at com.koushikdutta.async.AsyncServer.runLoop(AsyncServer.java:766)
at com.koushikdutta.async.AsyncServer.run(AsyncServer.java:608)
at com.koushikdutta.async.AsyncServer.access$700(AsyncServer.java:37)
at com.koushikdutta.async.AsyncServer$13.run(AsyncServer.java:557)

I might be able to provide a server URL and other resources (keystore, etc.) for testing if necessary.

This is the code I'm using:

                try {
                    InputStream caInput = mApplication.getResources().openRawResource(R.raw.mystore);
                    KeyStore keyStore;
                    try {
                        // Create a KeyStore containing our trusted CAs
                        keyStore = KeyStore.getInstance("BKS");
                        char[] passphrase = "password".toCharArray(); // That's right, a simple password just for testing
                        keyStore.load(caInput, passphrase);
                    } finally {
                        caInput.close();
                    }
                    
                    // Create a TrustManager that trusts the CAs in our KeyStore
                    String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
                    TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
                    tmf.init(keyStore);
                    //Create an SSLContext that uses our TrustManager
                    SSLContext context = SSLContext.getInstance("TLS");
                    context.init(null, tmf.getTrustManagers(), new SecureRandom());
                    AsyncHttpClient.getDefaultInstance().getSSLSocketMiddleware().setSSLContext(context);
                    AsyncHttpClient.getDefaultInstance().getSSLSocketMiddleware().setTrustManagers(tmf.getTrustManagers());
                } catch (GeneralSecurityException e) {
                    Log.e(Logs.generateTagsForLogcatFiltering(this, this), "Error!", e);
                } catch (IOException e) {
                    Log.e(Logs.generateTagsForLogcatFiltering(this, this), "Error!", e);
                }
                
                SocketIORequest req = new SocketIORequest(Constantes.SOCKETIO_SERVER_URL);
                // Typed Future so that future.get() returns a SocketIOClient rather than Object
                Future<SocketIOClient> future = SocketIOClient.connect(AsyncHttpClient.getDefaultInstance(), req, mApplication.getSocketIoCallbacks());
                try {
                    mApplication.setSocketIOClient(future.get());
                } catch (ExecutionException e) {
                    Log.e(Logs.generateTagsForLogcatFiltering(this, this), "Error", e);
                } catch (InterruptedException e) {
                    Log.e(Logs.generateTagsForLogcatFiltering(this, this), "Error", e);
                }

Any help will be greatly appreciated.

EDIT:

I think I'm getting the grasp of this security stuff but still having trouble.

I've generated a private key-pair and exported it to a .pem file that the socket.io server reads along with the original certificate file. The keystore (in BKS format) was generated with Portecle 1.7 (using its built-in Bouncy Castle provider version 145 since importing the version 146 which is adopted by Android < 4.3 to my JRE's providers prevented Portecle from working - hope this is not a problem, it was the only way of getting Portecle to work).

Despite still getting an SSLException, it is thrown from a different part of the code now:

javax.net.ssl.SSLException
at com.koushikdutta.async.AsyncSSLSocketWrapper$2.onCompleted(AsyncSSLSocketWrapper.java:107)
at com.koushikdutta.async.AsyncNetworkSocket.reportClose(AsyncNetworkSocket.java:198)
at com.koushikdutta.async.AsyncNetworkSocket.onReadable(AsyncNetworkSocket.java:180)
at com.koushikdutta.async.AsyncServer.runLoop(AsyncServer.java:766)
at com.koushikdutta.async.AsyncServer.run(AsyncServer.java:608)
at com.koushikdutta.async.AsyncServer.access$700(AsyncServer.java:37)
at com.koushikdutta.async.AsyncServer$13.run(AsyncServer.java:557)

I'm currently trying to make sure I have working keys/keystores while trying to establish a secure connection in a different way than using Android, in order to figure out if the BKS keystore is the problem here.

EDIT 2:

Using a trusted certificate instead of a self-signed one didn't work either. I'm getting the first exception from above.
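
One way to run the isolation test mentioned in the first edit, outside Android and AndroidAsync (an added example, not code from the issue author or the AndroidAsync project): a plain-JSSE program that lists the keystore's entries and then attempts a TLS handshake trusting only that keystore. The class name `TrustStoreCheck` and its command-line arguments are assumptions; loading a `BKS` file on a desktop JRE requires a Bouncy Castle provider to be installed.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

// Added diagnostic (hypothetical class name), not part of the original issue.
// Usage: java TrustStoreCheck <keystore-file> <BKS|JKS|PKCS12> <password> <host> <port>
public class TrustStoreCheck {
    public static void main(String[] args) throws Exception {
        KeyStore ks = KeyStore.getInstance(args[1]);
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, args[2].toCharArray());
        }
        // Step 1: list entries. PKIXParameters(KeyStore) builds trust anchors only from
        // trusted-certificate entries, so a store with none is suspect as a trust store.
        int trusted = 0;
        for (String alias : Collections.list(ks.aliases())) {
            Certificate c = ks.getCertificate(alias);
            String subject = (c instanceof X509Certificate)
                    ? ((X509Certificate) c).getSubjectX500Principal().getName() : "(no X.509 cert)";
            if (ks.isCertificateEntry(alias)) trusted++;
            System.out.printf("%s: %s, subject=%s%n", alias,
                    ks.isCertificateEntry(alias) ? "trusted cert" : "key entry", subject);
        }
        System.out.println("trusted-certificate entries: " + trusted);

        // Step 2: handshake with a context that trusts only this keystore.
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        try (SSLSocket s = (SSLSocket) ctx.getSocketFactory()
                .createSocket(args[3], Integer.parseInt(args[4]))) {
            SSLParameters p = s.getSSLParameters();
            p.setEndpointIdentificationAlgorithm("HTTPS"); // also verify the hostname
            s.setSSLParameters(p);
            s.startHandshake(); // an SSLHandshakeException here carries the underlying cause
            System.out.println("handshake OK: " + s.getSession().getProtocol()
                    + " " + s.getSession().getCipherSuite());
        }
    }
}
```

If the handshake succeeds here but still fails in the app, the keystore contents are unlikely to be the cause; if it fails here too, the exception's cause chain will show whether the problem is path validation, hostname mismatch or protocol negotiation.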
