如何使用SmackXMPP库创建SSL连接？-HowtocreateanSSLconnectionusingtheSmackXMPPlibrary?

Take a look at this thread.

看看这个帖子。

http://www.igniterealtime.org/community/thread/37678

Essentially, you need to add these two lines to your code:

基本上,您需要将这两行添加到您的代码中:

connConfig.setSecurityMode(ConnectionConfiguration.SecurityMode.enabled);
connConfig.setSocketFactory(new DummySSLSocketFactory());

where connConfig is your ConnectionConfiguration object. Get the DummySSLSocketFactory from the Spark source code repository. All it does is accept virtually any certificate. This seemed to work for me. Good luck!

其中connConfig是您的ConnectionConfiguration对象。从Spark源代码存储库中获取DummySSLSocketFactory。它所做的只是接受任何证书。这似乎对我有用。祝好运!

Yes, it's quite easy to achieve. Take a look at the ConnectionConfiguration class, and in particular the setSecurityMode method which accepts a ConnectionConfiguration.SecurityMode enum as a parameter. Setting this to "required" forces Smack to use TLS.

是的,它很容易实现。查看ConnectionConfiguration类,特别是接受ConnectionConfiguration.SecurityMode枚举作为参数的setSecurityMode方法。将此设置为“required”会强制Smack使用TLS。

from the Javadoc:

来自Javadoc:

Securirty via TLS encryption is required in order to connect. If the server does not offer TLS or if the TLS negotiaton fails, the connection to the server will fail.

需要Securirty通过TLS加密才能连接。如果服务器未提供TLS或TLS协议失败,则与服务器的连接将失败。

You can achieve this by the following:

您可以通过以下方式实现此目的:

Storing the CA Certificate in Keystore

将CA证书存储在密钥库中

To store the certificate in a Keystore follow these steps.

要将证书存储在密钥库中,请按照下列步骤操作。

Step 1: Download the bouncycastle JAR file. It can be downloaded from the here: Bouncy Castle JAVA Releases

第1步:下载bouncycastle JAR文件。它可以从这里下载:Bouncy Castle JAVA Releases

Step 2: Use the following command to store the certificate in keystore

步骤2:使用以下命令将证书存储在密钥库中

keytool -importcert -v -trustcacerts -file "" -alias "" -keystore "" -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath "" -storetype BKS -storepass ""

Step 3: Verify the keystore file

第3步:验证密钥库文件

keytool -importcert -v -list -keystore "" -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath "" -storetype BKS -storepass ""

This shall list us the certificate included in the keystore.

这将列出密钥库中包含的证书。

We have a keystore which we can use in our code.

我们有一个密钥库,我们可以在代码中使用它。

Using the keystore

使用密钥库

After generating this keystore, save it in the raw folder of your application. The use the below code to get the certificate handshake with the openfire server.

生成此密钥库后,将其保存在应用程序的原始文件夹中。使用以下代码获取与openfire服务器的证书握手。

To create a connection with openfire using XMPP, you may need to get the config. For the same, use the below method:

要使用XMPP与openfire建立连接,您可能需要获取配置。同样,使用以下方法:

public ConnectionConfiguration getConfigForXMPPCon(Context context) {
        ConnectionConfiguration cOnfig= new ConnectionConfiguration(URLConstants.XMPP_HOST, URLConstants.XMPP_PORT);
        config.setSASLAuthenticationEnabled(false);
        config.setSecurityMode(ConnectionConfiguration.SecurityMode.enabled);
        config.setCompressionEnabled(false);
        SSLContext sslCOntext= null;
        try {
            sslCOntext= createSSLContext(context);
        } catch (KeyStoreException e) {
            e.printStackTrace();
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (KeyManagementException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        } catch (CertificateException e) {
            e.printStackTrace();
        }

        config.setCustomSSLContext(sslContext);
        config.setSocketFactory(sslContext.getSocketFactory());

        return config;
 }

private SSLContext createSSLContext(Context context) throws KeyStoreException,
            NoSuchAlgorithmException, KeyManagementException, IOException, CertificateException {
        KeyStore trustStore;
        InputStream in = null;
        trustStore = KeyStore.getInstance("BKS");

        if (StringConstants.DEV_SERVER_IP.equals(URLConstants.XMPP_HOST) || StringConstants.TEST_SERVER_IP.equals(URLConstants.XMPP_HOST))
            in = context.getResources().openRawResource(R.raw.ssl_keystore_dev_test);
        else if(StringConstants.STAGE_SERVER_IP.equals(URLConstants.XMPP_HOST) || StringConstants.STAGE2_SERVER_IP.equals(URLConstants.XMPP_HOST))
            in = context.getResources().openRawResource(R.raw.ssl_keystore_stage);
        else if(StringConstants.PROD_SERVER_IP.equals(URLConstants.XMPP_HOST) || StringConstants.PROD1_SERVER_IP.equals(URLConstants.XMPP_HOST))
            in = context.getResources().openRawResource(R.raw.ssl_keystore_prod);

        trustStore.load(in, "".toCharArray());

        TrustManagerFactory trustManagerFactory = TrustManagerFactory
                .getInstance(KeyManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(trustStore);
        SSLContext sslCOntext= SSLContext.getInstance("TLS");
        sslContext.init(null, trustManagerFactory.getTrustManagers(),
                new SecureRandom());
        return sslContext;
}

All done..!! Just connect.. Now your connection is secured.

全部完成..!!只需连接..现在您的连接是安全的。

All follow the same in my blog at smackssl.blogspot.in

所有这些都在我的博客smackssl.blogspot.in中也是如此