如何在 Smack 4.2 中使用证书

Posted

技术标签:

【中文标题】如何在 Smack 4.2 中使用证书【英文标题】:How to use certificates with Smack 4.2 【发布时间】:2018-02-23 19:38:50 【问题描述】:

我正在尝试连接到 Blah.im XMPP 服务器,但它需要 SSL/TLS 证书才能连接。我正在使用下面的代码进行连接,但是如何在此连接中使用证书?

 XMPPTCPConnectionConfiguration config = XMPPTCPConnectionConfiguration.
                                builder()
                                .setHost("jabber.blah.im")
                                .setPort(5222)
                                .setXmppDomain("blah.im")
                                .setUsernameAndPassword(username, password)
                                .setSendPresence(true)
                                .setSecurityMode(SecurityMode.required)
                                .setDebuggerEnabled(true)
                                .build();

 XMPPTCPConnection connection = new XMPPTCPConnection(config);
 connection.connect();
 connection.login();

【问题讨论】:

【参考方案1】:

使用下面的代码来配置 SSL/TLC 证书以进行连接。

  try 
        XMPPTCPConnectionConfiguration.Builder builder = XMPPTCPConnectionConfiguration.builder()
                .setDebuggerEnabled(XMPP_DEBUG_MODE)
                .setXmppDomain(JidCreate.from(SERVICE_NAME).asDomainBareJid())
                .setHost(SERVER_NAME)
                .setPort(5222)
                .setSendPresence(true)
                .setSecurityMode(ConnectionConfiguration.SecurityMode.disabled);

        KeyStore keyStore = configKeyStore(builder);

        configSSLContext(builder, keyStore);

        config = builder.build();

     catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException | XmppStringprepException e) 
        e.printStackTrace();

//configKey存储

  private KeyStore configKeyStore(XMPPTCPConnectionConfiguration.Builder builder) throws KeyStoreException 
    KeyStore keyStore;

    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.ICE_CREAM_SANDWICH) 
        builder.setKeystorePath(null);
        builder.setKeystoreType("androidCAStore");
        keyStore = KeyStore.getInstance("AndroidCAStore");
     else 
        builder.setKeystoreType("BKS");
        keyStore = KeyStore.getInstance("BKS");

        String path = System.getProperty("javax.net.ssl.trustStore");
        if (path == null)
            path = System.getProperty("java.home") + File.separator + "etc"
                    + File.separator + "security" + File.separator
                    + "cacerts.bks";
        builder.setKeystorePath(path);
    
    return keyStore;

//配置ssl上下文

  private void configSSLContext(XMPPTCPConnectionConfiguration.Builder builder, KeyStore keyStore) throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException 
    TrustManagerFactory trustManagerFactory = TrustManagerFactory
            .getInstance(KeyManagerFactory.getDefaultAlgorithm());
    trustManagerFactory.init(keyStore);

    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());

    builder.setCustomSSLContext(sslContext);

【讨论】:

你为什么用setSecurityMode(ConnectionConfiguration.SecurityMode.disabled);

以上是关于如何在 Smack 4.2 中使用证书的主要内容,如果未能解决你的问题,请参考以下文章

如何在 java 中使用 Smack XMPP 库处理 TLS 证书

如何使用 smack-android 连接到禁用安全功能的 ejabberd?

我在使用 smack 4.2 Openfire 创建 XMPP 客户端时遇到问题

在 Android Smack 4.2 的消息节点中添加自定义标签

带有 Smack 4.1.8 客户端库的 Apache Vysper - 如何处理 TLS 证书?

SASLErrorException: SASLError using DIGEST-MD5: not-authorized while using Smack 4.2