java - HTTPS Post request (not) using certificate/hash print? -


i admit there possibility not informed subject, i've done loads of reading , still can't answer question.

from have learnt, make communication secure https need using sort of public key (reminds me of pgp-encryption).

my goal make secured post request java application (which i, in moment starts working, rewrite android app, if matters) php application accessible via https address.

naturally did google research on topic , got lot of results how make ssl connection. non of results used sort of certificate/hash prints. use httpsurlconnection instead of httpurlconnection, else identical.

right now, copy paste of found here this:

string httpsurl = "https://xx.yyyy.zzz/requesthandler.php?getparam1=value1&getparam2=value2";      string query = "email=" + urlencoder.encode("abc@xyz.com", "utf-8");     query+="&";     query+="password="+urlencoder.encode("tramtarie","utf-8");      url myurl = new url(httpsurl);     httpsurlconnection con = (httpsurlconnection) myurl.openconnection();     con.setrequestmethod("post");      con.setrequestproperty("content-length",string.valueof(query.length()));     con.setrequestproperty("content-type","application/x-www-form-urlencoded");     con.setrequestproperty("user-agent","mozilla/4.0 (compatible; msie 5.0;windows98;digext)");     con.setdooutput(true);     con.setdoinput(true);      dataoutputstream output = new dataoutputstream(con.getoutputstream());       output.writebytes(query);      output.close();       datainputstream input = new datainputstream(con.getinputstream());       for(     int c = input.read();     c!=-1;c=input.read())             system.out.print((char)c);     input.close();      system.out.println("resp code:"+con.getresponsecode());     system.out.println("resp message:"+con.getresponsemessage());

which sadly not work , ends exception:

exception in thread "main" javax.net.ssl.sslhandshakeexception: java.security.cert.certificateexception: no subject alternative dns name matching app.elessy.cz found

this means checks certificate , finds out certificate using not match domain name registered (it webhosting certificate, registered webhosting domain, not domain own, reason using https secure data internal purposes, not want site visited users outside, certificate should ok).

there 2 things don't code , everything.

  1. no code have been able find use md5/sha-1 (supposedly public keys message encryption?) prints or certificate, somehow automatically connect https website , should work. doesn't work me though.
  2. do need md5/sha-1 prints provided me? or @ least, in given context prints mean?

edit:

following given answer , duplicate mark, managed working - in meaning can communicate application behind https. didnt have use sort of md5/sha1 print. how know safe? protocol on own? communication secured either way, when use built-in java classes connect app behind https?

i not seek precise technical explanation, more assurance yes - communication safe though not use (knowingly) certificate/servers public key encrypt messages. ssl connection me.


-

Comments

Post a Comment

Popular posts from this blog

OpenCV OpenCL: Convert Mat to Bitmap in JNI Layer for Android -

there several posts converting mat bitmap using utils.mattobitmap() function. i'm assuming function can called in java layer after importing utils class. i want transfer data memory address pointed uint32_t* bmpcontent; in code below. jniexport void jnicall java_com_nod_nodcv_nodcvactivity_runfilter( jnienv *env, jclass clazz, jobject outbmp, jbytearray indata, jint width, jint height, jint choice, jint filter) { int outsz = width*height; int insz = outsz + outsz/2; androidbitmapinfo bmpinfo; if (androidbitmap_getinfo(env, outbmp, &bmpinfo) < 0) { throwjavaexception(env,"gaussianblur","error retrieving bitmap meta data"); return; } if (bmpinfo.format != android_bitmap_format_rgba_8888) { throwjavaexception(env,"gaussianblur","expecting rgba_8888 format"); return; } uint32_t* bmpcontent; if (androidbitmap_lockpixels(env, outbmp,(void**)&bmpcontent)...
Read more

android - org.xmlpull.v1.XmlPullParserException: expected: START_TAG {http://schemas.xmlsoap.org/soap/envelope/}Envelope -

i trying hit soap api in application login purpose , getting above mentioned error , can 1 tell me going wrong , first time soap apis. here code hit soap :- vector<object> args = new vector<object>(); hashtable<string, object> hashtable = new hashtable<string, object>(); hashtable.put("email", "mss.siddhart28@gmail.com"); hashtable.put("password", "siddharth"); args.add(hashtable); soapserializationenvelope envelope = new soapserializationenvelope( soapenvelope.ver11); envelope.dotnet = true; envelope.xsd = soapserializationenvelope.xsd; envelope.enc = soapserializationenvelope.enc; (new marshalhashtable()).register(envelope); httptransportse androidhttptransport = new httptransportse( "http://tempuri.org/", 15000); androidhttptransport.debug = true; string result = ""; try { soapobject request = new soapobject("http:...
Read more

python - How to remove the Xframe Options header in django? -

i have made page has iframe . inside iframe want show multiple different links article facebook, or news, or youtube video or other possible url. but, due xframe header, unable so. referred following link: https://docs.djangoproject.com/en/1.8/ref/clickjacking/ , django xframeoptionsmiddleware (x-frame-options) - allow iframe client ip but didn't help. my settings.py file's middleware_classes is: middleware_classes = ( 'django.contrib.sessions.middleware.sessionmiddleware', 'django.middleware.common.commonmiddleware', 'django.middleware.csrf.csrfviewmiddleware', 'django.contrib.auth.middleware.authenticationmiddleware', 'django.contrib.auth.middleware.sessionauthenticationmiddleware', 'django.contrib.messages.middleware.messagemiddleware', 'django.middleware.clickjacking.xframeoptionsmiddleware', ) from http://django-secure.readthedocs.org/en/latest/middleware.html , found using ...
Read more