Code Xiaosheng, a technology platform focused on the Android field

Join my Android technology group

Author: Jeremy_Ji links: https://www.jianshu.com/p/67bfd401327f disclaimer: this article has been published, it has been approved Jeremy_Ji forwarding etc. Please contact the author

In the first half of this year, several handset manufacturers can be called immortal fight, Mi 9, IQoo, Huawei, Oppo, Samsung and so on all launched Android P system. I’ve been thinking a lot about getting a new phone and checking out Android9.0 (originally a Nubia for Android6). Then rushed to run a few apps written by myself, this run then went wrong.

Android 9 wifi transmission

When you connect to the wifi of the Pentax camera on Android9, you can’t transfer files, you can’t get the thumbnail of the SD card, etc.

No Network Security Config specified, using platform defaultCopy the code

Google has banned plaintext HTTP transfers on Android P, meaning that HTTPS is used instead of HTTP by default. And the official solution is also offered. You can refer to the official details, and I will summarize them briefly here

1. Add a security configuration file. Create the network_security_config. XML file in the res/ XML folder and add a trusted domain name or IP address.

<? The XML version = "1.0" encoding = "utf-8"? ><network-security-config> <domain-config> <domain includeSubdomains="true">example.com</domain> </domain-config></network-security-config>Copy the code

Or add that the default can use plaintext transmission. Then add the following attributes under Application in AndroidMainfest.xml

android:networkSecurityConfig="@xml/network_security_config"Copy the code

  1. Lower the API version to use plaintext HTTP transport at 27 or below. But as a developer it doesn’t make much sense.

Access their own background

Another project was to access my own Web server through Android. Errors will also occur, and the above two methods can be used to solve the problem. There is a third way, which is to manually add SSL certificates

  1. Spring Boot Configuring an SSL certificate To implement HTTPS access, you can use the Java certificate generation tool. Open the CMD terminal and run a command to generate an SSL certificate

keytool -list -keystore server.p12Copy the code

You will then be prompted for a password of at least six characters, and you will need to re-enter it and fill in other information. Just follow the steps. The key is to remember the password. Add a few configurations to the configuration file application.properties in Spring Boot

Key store=classpath:keystore.p12# Configure certificate password #server.ssl.key-store-password=111111 # # # server. SSL. KeyStoreType = as PKCS12 can manually specify port, otherwise use the default port 8443 # server SSL. KeyAlias: tomcatCopy the code

Then restart the project to see the server!

image.png

The certificate must be invalid because it is created by itself

image.png

Add the trust of the certificate

I later reported this error when running tests using Java

avax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names presentCopy the code

This is because after adding HTTPS, you still need to add trust if you use Java.net or Android to access it. Java applications need to add certificates to support. Binaries can be downloaded from the website. First click on the certificate above and then click Copy to File

image.png

Then click Next and select the certificate in der file format. You can run this command to import the certificate to the local cacerts library

keytool -import -alias vbooking -keystore cacerts -file ${JAVA_HOME}/jre/lib/security/vbooking.cerCopy the code

Whether it’s locally run Java test or, after use java.net.HttpURLConnection local is not an error. For Android, add the DER certificate in res/raw/my_ca in the network security configuration file.

<? The XML version = "1.0" encoding = "utf-8"? ><network-security-config> <domain-config> <domain includeSubdomains="true">example.com</domain> <trust-anchors> <certificates src="@raw/my_ca"/> </trust-anchors> </domain-config></network-security-config>Copy the code

One thing to note is that when using network requests on Android, network requests should not be used in the UI main thread. Instead, they should be called in AsyncTask, which has been summarized before. Another point is the need to add network request permissions.

<uses-permission android:name="android.permission.INTERNET"/>    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />    <uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />Copy the code

Recommended reading

Let’s take a look at the new FileProvider feature in Android 7.0

HTTPS packet capture on various Android versions

The key thinking in programming is

Logic and implementation