我已经被困了几天了,我已经检查了几个答案(这个,这个,这个,这个,这个,这个,这个),但我一直无法解决我的问题。我是SSL的新手,在我的组织中似乎没有其他人这样做过。
背景
目前,我们在零售商网点中有一组终端通过SSL连接到服务器。该连接包括客户端身份验证。我的组织作为CA,并已发布cacert。crt证书,并使用它为服务器和所有客户端终端签署一个证书。终端目前可以与服务器正常工作,但我无法从支持该环境的人员那里获得有关当前连接或配置的详细信息……看起来该系统是多年前从多家供应商购买的,而且知识已经丢失。我目前正在尝试开发一个单独的客户端,可以在现有终端之外与服务器通信。
问题
我开发了一个非常简单的JavaSSL客户端,以便更好地理解SSL配置,并了解连接时需要在何处以及如何引用证书和密钥。不幸的是,我一直无法成功地连接到服务器,我不确定是什么问题或其他要检查的问题。
我已经能够生成SSL连接的调试日志(附在下面)。我也能够通过运行openssl的s_client函数生成一个日志,但是我不熟悉这个工具,所以我不确定它在告诉我什么。我附上了所有的代码和日志,我希望你能给我一些关于问题是什么的见解。
由于我是SSL新手,我不确定我是否已经提供了所有相关的信息。如果你需要任何进一步的信息,请让我知道。
简单Java客户端
public class Client {
private static String serverIP = "{snip: server IP}";
private static int serverPort = {snip: port number};
public static void main(String[] arstring) {
try {
SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket(Client.serverIP, Client.serverPort);
InputStream inputstream = System.in;
InputStreamReader inputstreamreader = new InputStreamReader(inputstream);
BufferedReader bufferedreader = new BufferedReader(inputstreamreader);
OutputStream outputstream = sslsocket.getOutputStream();
OutputStreamWriter outputstreamwriter = new OutputStreamWriter(outputstream);
BufferedWriter bufferedwriter = new BufferedWriter(outputstreamwriter);
String string = null;
while ((string = bufferedreader.readLine()) != null) {
bufferedwriter.write(string + '\n');
bufferedwriter.flush();
}
} catch (Exception exception) {
exception.printStackTrace();
}
}
}
SSL调试日志
java -Djavax.net.ssl.trustStore=ca_only.jks -Djavax.net.ssl.keyStore=keystore.jks -Djavax.net.debug=ssl,handshake -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStorePassword=password Client
keyStore is : keystore.jks
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
***
found key for : 1
chain [0] = [
[
Version: V3
Subject: CN=Server, O=Organization, ST=ON, C=CA
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
modulus: {snipped due to post length}
public exponent: 65537
Validity: [From: Wed Jul 04 11:17:50 CDT 2012,
To: Mon Jul 04 11:17:50 CDT 2022]
Issuer: CN=DEV2008, O=Organization, ST=ON, C=CA
SerialNumber: [ b7ccceda 64ef4eb7]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1F 16 1D 4F 70 65 6E 53 53 4C 20 47 65 6E 65 ....OpenSSL Gene
0010: 72 61 74 65 64 20 43 65 72 74 69 66 69 63 61 74 rated Certificat
0020: 65 e
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D 6D 45 8E 84 35 C5 11 77 ..S...smmE..5..w
0010: 7A 41 C9 10 zA..
]
]
[3]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]
[4]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 43 EF 2E E1 B8 E6 01 C4 65 E1 E3 38 CE DA 86 C7 C.......e..8....
0010: BE 93 65 BA ..e.
]
]
]
Algorithm: [SHA1withRSA]
Signature:
{snipped due to post length}
]
***
trustStore is: ca_only.jks
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=DEV2008, O=Organization, ST=ON, C=CA
Issuer: CN=DEV2008, O=Organization, ST=ON, C=CA
Algorithm: RSA; Serial number: 0xb7ccceda64ef4eb3
Valid from Wed Sep 10 10:10:25 CDT 2008 until Sun Sep 10 10:10:25 CDT 2028
trigger seeding of SecureRandom
done seeding SecureRandom
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
testText
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1388847103 bytes = { 81, 210, 193, 47, 1, 40, 31, 209, 31, 74, 153, 216, 224, 141, 29, 4, 49, 162, 216, 34, 206, 202, 42, 228, 204, 73, 106, 208 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect5
71r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
***
main, WRITE: TLSv1 Handshake, length = 149
main, READ: SSLv3 Handshake, length = 74
*** ServerHello, SSLv3
RandomCookie: GMT: 1385163043 bytes = { 125, 48, 211, 49, 203, 23, 208, 161, 188, 43, 152, 33, 160, 32, 20, 163, 66, 19, 136, 90, 152, 42, 154, 53, 208, 175, 39, 177 }
Session ID: {162, 201, 116, 199, 55, 245, 172, 195, 38, 102, 80, 124, 35, 60, 29, 218, 112, 86, 108, 44, 8, 212, 102, 73, 102, 68, 212, 246, 165, 233, 2, 31}
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA
Compression Method: 0
***
Warning: No renegotiation indication extension in ServerHello
%% Initialized: [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA]
** TLS_RSA_WITH_AES_128_CBC_SHA
main, READ: SSLv3 Handshake, length = 1980
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=Server, O=Organization, ST=ON, C=CA
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
modulus: {snipped due to post length}
public exponent: 65537
Validity: [From: Wed Jul 04 11:15:51 CDT 2012,
To: Mon Jul 04 11:15:51 CDT 2022]
Issuer: CN=DEV2008, O=Organization, ST=ON, C=CA
SerialNumber: [ b7ccceda 64ef4eb6]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1F 16 1D 4F 70 65 6E 53 53 4C 20 47 65 6E 65 ....OpenSSL Gene
0010: 72 61 74 65 64 20 43 65 72 74 69 66 69 63 61 74 rated Certificat
0020: 65 e
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D 6D 45 8E 84 35 C5 11 77 ..S...smmE..5..w
0010: 7A 41 C9 10 zA..
]
]
[3]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]
[4]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 01 98 19 F0 74 48 DB CF 55 D0 1B 9B A3 C8 04 61 ....tH..U......a
0010: 50 03 F9 F6 P...
]
]
]
Algorithm: [SHA1withRSA]
Signature: {snipped due to post length}
]
chain [1] = [
[
Version: V3
Subject: CN=DEV2008, O=Organization, ST=ON, C=CA
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
modulus: {snipped due to post length}
public exponent: 65537
Validity: [From: Wed Sep 10 10:10:25 CDT 2008,
To: Sun Sep 10 10:10:25 CDT 2028]
Issuer: CN=DEV2008, O=Organization, ST=ON, C=CA
SerialNumber: [ b7ccceda 64ef4eb3]
Certificate Extensions: 3
[1]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D 6D 45 8E 84 35 C5 11 77 ..S...smmE..5..w
0010: 7A 41 C9 10 zA..
]
[CN=DEV2008, O=Organization, ST=ON, C=CA]
SerialNumber: [ b7ccceda 64ef4eb3]
]
[2]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen:2147483647
]
[3]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D 6D 45 8E 84 35 C5 11 77 ..S...smmE..5..w
0010: 7A 41 C9 10 zA..
]
]
]
Algorithm: [SHA1withRSA]
Signature: {snipped due to post length}
]
***
Found trusted certificate:
[
[
Version: V3
Subject: CN=DEV2008, O=Organization, ST=ON, C=CA
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
modulus: {snipped due to post length}
public exponent: 65537
Validity: [From: Wed Sep 10 10:10:25 CDT 2008,
To: Sun Sep 10 10:10:25 CDT 2028]
Issuer: CN=DEV2008, O=Organization, ST=ON, C=CA
SerialNumber: [ b7ccceda 64ef4eb3]
Certificate Extensions: 3
[1]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D 6D 45 8E 84 35 C5 11 77 ..S...smmE..5..w
0010: 7A 41 C9 10 zA..
]
[CN=DEV2008, O=Organization, ST=ON, C=CA]
SerialNumber: [ b7ccceda 64ef4eb3]
]
[2]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen:2147483647
]
[3]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D 6D 45 8E 84 35 C5 11 77 ..S...smmE..5..w
0010: 7A 41 C9 10 zA..
]
]
]
Algorithm: [SHA1withRSA]
Signature: {snipped due to post length}
]
main, READ: SSLv3 Handshake, length = 13
*** CertificateRequest
Cert Types: RSA, DSS
Cert Authorities:
<Empty>
*** ServerHelloDone
matching alias: 1
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=Server, O=Organization, ST=ON, C=CA
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
modulus: {snipped due to post length}
public exponent: 65537
Validity: [From: Wed Jul 04 11:17:50 CDT 2012,
To: Mon Jul 04 11:17:50 CDT 2022]
Issuer: CN=DEV2008, O=Organization, ST=ON, C=CA
SerialNumber: [ b7ccceda 64ef4eb7]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1F 16 1D 4F 70 65 6E 53 53 4C 20 47 65 6E 65 ....OpenSSL Gene
0010: 72 61 74 65 64 20 43 65 72 74 69 66 69 63 61 74 rated Certificat
0020: 65 e
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D 6D 45 8E 84 35 C5 11 77 ..S...smmE..5..w
0010: 7A 41 C9 10 zA..
]
]
[3]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]
[4]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 43 EF 2E E1 B8 E6 01 C4 65 E1 E3 38 CE DA 86 C7 C.......e..8....
0010: BE 93 65 BA ..e.
]
]
]
Algorithm: [SHA1withRSA]
Signature:
{snipped due to post length}
]
***
*** ClientKeyExchange, RSA PreMasterSecret, SSLv3
main, WRITE: SSLv3 Handshake, length = 1221
SESSION KEYGEN:
{snipped because I'm not sure if this is sensitive or not}
*** CertificateVerify
main, WRITE: SSLv3 Handshake, length = 262
main, WRITE: SSLv3 Change Cipher Spec, length = 1
*** Finished
verify_data: { 159, 145, 181, 103, 3, 219, 244, 50, 1, 137, 254, 25, 166, 118, 40, 186, 196, 23, 254, 184, 250, 137, 29, 171, 163, 153, 126, 193, 226, 134, 145, 9, 137, 16, 90, 178 }
***
main, WRITE: SSLv3 Handshake, length = 64
main, READ: SSLv3 Alert, length = 2
main, RECV SSLv3 ALERT: fatal, handshake_failure
%% Invalidated: [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA]
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source)
at sun.security.ssl.AppOutputStream.write(Unknown Source)
at sun.nio.cs.StreamEncoder.writeBytes(Unknown Source)
at sun.nio.cs.StreamEncoder.implFlushBuffer(Unknown Source)
at sun.nio.cs.StreamEncoder.implFlush(Unknown Source)
at sun.nio.cs.StreamEncoder.flush(Unknown Source)
at java.io.OutputStreamWriter.flush(Unknown Source)
at java.io.BufferedWriter.flush(Unknown Source)
at Client.main(Client.java:33)
OpenSSL s_client状态日志 正如我上面提到的,我真的不确定这个工具告诉我什么,或者我是否正确运行它。
openssl.exe s_client -connect {serverIP}:{serverPort} -cert client.cer -key client.key -cipher AES128-SHA -state
WARNING: can't open config file: /usr/local/ssl/openssl.cnf
Enter pass phrase for client.key:
Loading 'screen' into random state - done
CONNECTED(000000E0)
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
depth=1 C = CA, ST = ON, O = Organization, CN = DEV2008
verify error:num=19:self signed certificate in certificate chain
verify return:0
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server certificate request A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client certificate A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write certificate verify A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A
---
Certificate chain
0 s:/C=CA/ST=ON/O=Organization/CN=Server
i:/C=CA/ST=ON/O=Organization/CN=DEV2008
1 s:/C=CA/ST=ON/O=Organization/CN=DEV2008
i:/C=CA/ST=ON/O=Organization/CN=DEV2008
---
Server certificate
-----BEGIN CERTIFICATE-----
{snipped due to post length}
-----END CERTIFICATE-----
subject=/C=CA/ST=ON/O=Organization/CN=Server
issuer=/C=CA/ST=ON/O=Organization/CN=DEV2008
---
No client certificate CA names sent
---
SSL handshake has read 2157 bytes and written 1672 bytes
---
New, TLSv1/SSLv3, Cipher is AES128-SHA
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : AES128-SHA
Session-ID: E6EB30E4E24114A59436063BE2A732B3CBF6F47A57AA34CFBFB584FC1517F5D9
Session-ID-ctx:
Master-Key: 86307078588C268CDCFCD6B9ABBD55DC8C0A61E900384D3FF99091E030EF9C831B61A880D33313D0DCC7C6688507790A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1405627491
Timeout : 300 (sec)
Verify return code: 19 (self signed certificate in certificate chain)
---
read:errno=0
SSL3 alert write:warning:close notify
我注意到,在 SSL 调试日志的“证书请求”部分中,“证书颁发机构”列表为“”。我在一个问题中读到,这是服务器的配置问题,但事实并非如此,因为当前的终端可以正常工作。我还在另一个问题中读到,这取决于实施,可以被允许。我不确定哪个是真的,但我确定终端当前能够连接到服务器,而我的测试客户端无法连接。
你知道我做错了什么吗,当我试图联系的时候,我handshake_failure?
感谢您提供的任何帮助。
丹,
我注意到您的调试中有很多“忽略不支持的xxxx协议”。如果您添加;
socket.setEnabledProtocols(new String[]{"SSLv3", "TLSv1"});
添加到您的代码中,这应该可以解决握手问题。
想得到一些关于设置简单的双向ApacheSSL的建议。 我们使用openSSL创建了一个密钥文件和csr请求。然后,我们将其提交给CA,并收到一个crt文件与CA的crt文件一起返回。 我们已经配置了ApacheHTTP。conf文件,并在加载mod_ssl模块后添加了以下参数。 开启SSLEngine SSLCACertificateFile/local/fast/fcHome/deployme
我已经尝试让我的应用程序发送电子邮件超过一个小时了,我已经尝试了我在网上找到的所有东西,但我仍然得到了我的问题标题中提到的例外情况。 下面是我使用的代码: 我允许在我的帐户上访问不太安全的应用程序。我也尝试过启用2FA并生成特定于应用程序的密码,但例外情况仍然存在。
问题内容: 我有一个独立的Java客户端(从eclipse中运行),希望连接到外部服务器。如果服务器是本地主机,那么我看不到任何问题。但是,每当我尝试连接到外部服务器时,总是会收到以下异常 我尝试按照提到的步骤使用JNDI从远程客户端进行EJB调用 该异常告诉我,在与身份验证相关的配置文件中出了点问题。这是我的ejb_client_properties文件 注意:棕褐色用户已添加到服务器上的我的m
问题内容: 我正在一个需要客户端和服务器证书认证的Android应用程序上工作。我创建了一个SSLClient类,该类在常规的台式机Java SE 6上运行良好。我将其移至Android项目中,并收到以下错误:“找不到KeyStore JKS实现”。 我已经在网上看了一下,似乎有可能Android上不支持Java Keystore(太棒了!),但是我感觉还不止如此,因为我发现的示例代码都没有类似于
在我的Gmail A/C上,我从production server运行代码后收到了以下电子邮件 嗨, 最近有人使用您的密码尝试登录您的Google帐户mymailid@gmail.com。此人正在使用电子邮件、客户端或移动设备等应用程序。 2014年1月3日星期五13:56:08点钟UTC IP地址:xxx.xx.xx.xxx(abcd.net.)地点:美国宾夕法尼亚州费城 如果您无法识别此登录尝