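0 Preparation
Prepare a working domain name; this article uses test.duqingquan.com.
Prepare a working server and set up DNS resolution for the domain correctly. Here it runs Debian 9.6.
Prepare a web server; here it is Tomcat 9.0.41.
Prepare a computer with a JDK installed. Here it is OpenJDK 11.
1 Generate the required certificate files
If you can, use certificates issued by a CA; I use self-signed ones here.
Write the script below to a text file and rename it auto.bat (Windows platform).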
```
echo "auto create key"
REM Generate the server keystore -> server.jks
keytool -genkeypair -v -alias tomcatKey -keyalg RSA -validity 3650 -keystore ./server.jks -storepass 886688 -dname "CN=duqingquan.com" -ext SAN=dns:test.duqingquan.com
REM Export the server public certificate to server.cer
keytool -exportcert -alias tomcatKey -keystore ./server.jks -file ./server.cer -storepass 886688
REM Generate the client keystore -> client.p12
keytool -genkeypair -v -alias client -dname "CN=duqingquan.com" -keyalg RSA -validity 3650 -keystore ./client.p12 -storepass 336633 -storetype PKCS12
REM Export the client public certificate -> client.cer
keytool -exportcert -alias client -file ./client.cer -keystore ./client.p12 -storepass 336633 -storetype PKCS12
REM Make the server keystore trust the client certificate
keytool -importcert -alias clientca -keystore ./server.jks -file ./client.cer -storepass 886688
REM Make the client keystore trust the server certificate
keytool -importcert -alias serverca -keystore ./client.p12 -file ./server.cer -storepass 336633
REM Print the contents of the server keystore
keytool -list -keystore ./server.jks -storepass 886688
REM Print the server public certificate
keytool -rfc -printcert -file .\server.cer -v
pause
```
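Remember to replace the keys (store passwords), the domain name and the organization information with your own.
After double-clicking the script to run it, we have all the certificate files we need.
[Figure: all the required certificate materials]
2 Configure the Tomcat server
2.1 Tomcat installation and configuration
Omitted.
2.2 Configure server.xml
Upload server.jks to the conf folder under the Tomcat installation directory.
On the Tomcat server, go to the conf folder, edit server.xml, and add the following configuration to the Connector element.
Configuration text: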
```
<Connector
    protocol="org.apache.coyote.http11.Http11NioProtocol"
    sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
    port="13888" maxThreads="200"
    scheme="https" secure="true" SSLEnabled="true"
    truststoreFile="conf/server.jks" truststorePass="886688"
    keystoreFile="conf/server.jks" keystorePass="886688"
    clientAuth="true" sslProtocol="TLS"/>
```
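Save server.xml and restart Tomcat.
Open the logs directory under the Tomcat root directory and
use tail -f catalina.out to watch the live Tomcat log. If server.xml is misconfigured, the error messages appear here.
After Tomcat has restarted successfully, visit
https://test.duqingquan.com:13888/examples/servlets/servlet/HelloWorldExample
The following message is shown, which means the server side is configured correctly.
2.3 Configure the browser certificates
Double-click the client1.cer file to install it.
After it is installed, visit the URL again; the error message changes to
Next, install the client keystore: client.p12
After it is installed, visit the URL again. The browser prompts you to choose a client certificate.
After you choose the certificate, the page loads normally.
3 Configuring access from uni-app
3.1 Prerequisites
Use HBuilderX (HX) 3.2.0 or later.
3.2 Sample calling code
[Figure: defining androidTlsConfig]
3.3 Test steps
Use the test-case code below; the interface after running:
[Figure: example of the interface after running]
Without dynamically installing the DCloud CA, access the three websites in turn:
Next, dynamically download the certificate of the DCloud website.
Test the three websites again.
Test-case code: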
```
<template>
  <view>
    <button @click="downloadCAFile"> downloadCAFile</button>
    <button @click="taobaoTlsRequest"> taobaoTlsRequest</button>
    <button @click="dcloudTlsRequest"> dcloudTlsRequest</button>
    <button @click="goTlsRequest"> goTlsRequest</button>
    <text>{{requestResult}}</text>
  </view>
</template>
<script>
export default {
  data() {
    return {
      androidConfig : {
        // base64 content of client.p12; the value itself is not preserved on this page
        keystore:'data:keystore/p12;base64,<BASE64_OF_client.p12>',
        storePass:"336633",
        ca:["data:cert/pem;text,-----BEGIN CERTIFICATE-----\nMIIC8TCCAdmgAwIBAgIEKov9yzANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDEw5k\ndXFpbmdxdWFuLmNvbTAeFw0yMTA0MTkxMDM3MTJaFw0zMTA0MTcxMDM3MTJaMBkx\nFzAVBgNVBAMTDmR1cWluZ3F1YW4uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A\nMIIBCgKCAQEAkfpFOl97d2gWOOyc9UVx91pyIQQBq2lj6PNqy8fGCckkOqYxXecG\nWFq0zGqEVoaNL/TXK5Pa2apZXPl/bRYrJOlcFk5MW6dq4PkcFqrmS7ZwL6nFJ/YH\nZqXMK9NrbDZEVTpdmlt/pu/l+/Rex99Rkc6ws4Z9YI/p0LkMgjqL9LcAag1fJZK/\n2YLCN2hk+ujwGuz2qmJxAoq2oKefWSghjGkzb47y9g7h6acXlIWA42+7lyeh8iPD\nUkkGHj+kJOsF3VykDhV3FMpzcMfMIx7HMWJt4NVYjgourVhXKQ6JXACDBzD2vfki\n/M79h7o3PHiNE8ZGe8tNuexDnR1eR2ftywIDAQABo0EwPzAdBgNVHQ4EFgQUhAfB\nEwQZzkblt9LnGm+mANYPtRswHgYDVR0RBBcwFYITdGVzdC5kdXFpbmdxdWFuLmNv\nbTANBgkqhkiG9w0BAQsFAAOCAQEAGhB6wR8oASt+MMQy9zFq0p4fnoE2UzrmJ2uo\nCUVJZo+qnrutA1gzI/b4jOEFP/x4iVwfHRqycz9D0RWWheVYGyvFCXeuxcFTynnR\nOG8UtbUCuO+a7KDBc8RfbKHopyvBAIjnNzP/Xd4qNaCA/wQDDbpIwyS8qDcOb4YR\nArtPeiOnWWt3cLZ0Sw9mmCp3h8VEtgqyukuF8M36cPneE3LXtDtfL+YTZWIHUo1e\nZIV/pFtunbJ7TDm9RrSpSB9fmP0eflVSYCpOPvuhFdrf3IJLzhJcf06Ve58TcvLg\nUfMzW7OCLhOke6Sq3VM/5HCok70q+iRPkBYifjDqBzAqidbTiw==\n-----END CERTIFICATE-----"],
      },
      requestResult:""
    }
  },
  methods: {
    downloadCAFile:function() {
      var that = this;
      if(that.androidConfig.ca.length > 1){
        // Log message: "remote public-key file already loaded"
        console.log("远程公钥文件已装载");
        return ;
      }
      uni.downloadFile({
        // Example only; this public certificate can also be exported from a browser
        url: 'https://dcloud.oss-cn-hangzhou.aliyuncs.com/UniADSDK/res/DCloud.pem',
        success: (res) => {
          // The MIME-style prefix here is a fixed format
          let downloadCAFilePath = "data:keystore/p12;filepath," + res.tempFilePath;
          console.log('downloadCAFilePath === ' + downloadCAFilePath);
          that.androidConfig.ca.push(downloadCAFilePath);
          console.log('that.androidConfig.ca === ' + JSON.stringify(that.androidConfig.ca));
        }
      });
    },
    goTlsRequest:function(){
      var that = this;
      uni.request({
        url:"https://test.duqingquan.com:13888/examples/servlets/servlet/HelloWorldExample",
        method:"get",
        androidTLSConfig:this.androidConfig,
        sslVerify:true,
        success: (res) => {
          console.log("success === " + JSON.stringify(res));
          that.requestResult = res;
        },
        fail: (res) => {
          console.log("fail === " + JSON.stringify(res));
          that.requestResult = res;
        }
      });
    },
    dcloudTlsRequest:function(){
      var that = this;
      uni.request({
        url:"https://ask.dcloud.net.cn/people/i7788",
        method:"get",
        androidTLSConfig: this.androidConfig,
        success: (res) => {
          console.log("success2 === " + JSON.stringify(res));
          that.requestResult = res;
        },
        fail: (res) => {
          console.log("fail2 === " + JSON.stringify(res));
          that.requestResult = res;
        }
      });
    },
    taobaoTlsRequest:function(){
      var that = this;
      uni.request({
        url:"https://www.taobao.com/",
        method:"get",
        androidTLSConfig: this.androidConfig,
        success: (res) => {
          console.log("success3 === " + JSON.stringify(res));
          that.requestResult = res;
        },
        fail: (res) => {
          console.log("fail3 === " + JSON.stringify(res));
          that.requestResult = res;
        }
      });
    },
  }
}
</script>
<style>
.container {
  padding: 20px;
  font-size: 14px;
  line-height: 24px;
}
.swiper-item {
  /* #ifndef APP-NVUE */
  display: flex;
  /* #endif */
  flex-direction: column;
  justify-content: center;
  align-items: center;
  background-color: #999;
  color: #fff;
}
.image {
  width: 750rpx;
}
/* css */
.button-icon {
  background-image: linear-gradient(to right, rgb(0, 238, 255), rgb(0, 193, 252));
  border-radius: 50rpx;
  height: 65rpx;
  padding-left: 20rpx;
  padding-right: 20rpx;
  overflow: hidden;
}
.myMenu-icon {
  font-size: 50rpx;
  padding-top: 8rpx;
  border-radius: 50rpx;
  overflow: hidden;
}
</style>
```
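An added example, not part of the original post: a Node.js check, run on the development machine rather than inside the app, of what each inline entry in the `ca` array of the test code contains (subject, whether its SAN covers the requested host, validity window, and the SHA-256 fingerprint to compare against `keytool -printcert`). The helper names `inspectCaEntry` and `auditTlsConfig` are hypothetical, and the file-path entry in the sample is constructed.

```javascript
// Added example: audit the `ca` entries of an androidTLSConfig-style object with Node.js.
// The require/getBuiltinModule switch lets the file run as CommonJS or as an ES module.
const { X509Certificate } = typeof require === 'function'
  ? require('node:crypto')
  : process.getBuiltinModule('node:crypto');

const PEM_PREFIX = 'data:cert/pem;text,'; // inline-PEM prefix used in the post's `ca` array

// Sample input: the first entry is the server certificate from the post's test code;
// the second is a constructed file-path entry like the one downloadCAFile() pushes.
const sampleConfig = {
  ca: [
    "data:cert/pem;text,-----BEGIN CERTIFICATE-----\nMIIC8TCCAdmgAwIBAgIEKov9yzANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDEw5k\ndXFpbmdxdWFuLmNvbTAeFw0yMTA0MTkxMDM3MTJaFw0zMTA0MTcxMDM3MTJaMBkx\nFzAVBgNVBAMTDmR1cWluZ3F1YW4uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A\nMIIBCgKCAQEAkfpFOl97d2gWOOyc9UVx91pyIQQBq2lj6PNqy8fGCckkOqYxXecG\nWFq0zGqEVoaNL/TXK5Pa2apZXPl/bRYrJOlcFk5MW6dq4PkcFqrmS7ZwL6nFJ/YH\nZqXMK9NrbDZEVTpdmlt/pu/l+/Rex99Rkc6ws4Z9YI/p0LkMgjqL9LcAag1fJZK/\n2YLCN2hk+ujwGuz2qmJxAoq2oKefWSghjGkzb47y9g7h6acXlIWA42+7lyeh8iPD\nUkkGHj+kJOsF3VykDhV3FMpzcMfMIx7HMWJt4NVYjgourVhXKQ6JXACDBzD2vfki\n/M79h7o3PHiNE8ZGe8tNuexDnR1eR2ftywIDAQABo0EwPzAdBgNVHQ4EFgQUhAfB\nEwQZzkblt9LnGm+mANYPtRswHgYDVR0RBBcwFYITdGVzdC5kdXFpbmdxdWFuLmNv\nbTANBgkqhkiG9w0BAQsFAAOCAQEAGhB6wR8oASt+MMQy9zFq0p4fnoE2UzrmJ2uo\nCUVJZo+qnrutA1gzI/b4jOEFP/x4iVwfHRqycz9D0RWWheVYGyvFCXeuxcFTynnR\nOG8UtbUCuO+a7KDBc8RfbKHopyvBAIjnNzP/Xd4qNaCA/wQDDbpIwyS8qDcOb4YR\nArtPeiOnWWt3cLZ0Sw9mmCp3h8VEtgqyukuF8M36cPneE3LXtDtfL+YTZWIHUo1e\nZIV/pFtunbJ7TDm9RrSpSB9fmP0eflVSYCpOPvuhFdrf3IJLzhJcf06Ve58TcvLg\nUfMzW7OCLhOke6Sq3VM/5HCok70q+iRPkBYifjDqBzAqidbTiw==\n-----END CERTIFICATE-----",
    'data:keystore/p12;filepath,/constructed/tmp/DCloud.pem',
  ],
};

// Hypothetical helper: describe one entry, or say why it cannot be inspected offline.
function inspectCaEntry(entry, host, now = new Date()) {
  if (!entry.startsWith(PEM_PREFIX)) {
    return { inspected: false, reason: 'not an inline PEM entry' };
  }
  let cert;
  try {
    cert = new X509Certificate(entry.slice(PEM_PREFIX.length));
  } catch (err) {
    return { inspected: false, reason: 'PEM does not parse: ' + err.message };
  }
  return {
    inspected: true,
    subject: cert.subject,
    san: cert.subjectAltName,
    // checkHost() returns the matching name, or undefined when the host is not covered.
    coversHost: cert.checkHost(host) !== undefined,
    inValidity: new Date(cert.validFrom) <= now && now <= new Date(cert.validTo),
    sha256: cert.fingerprint256, // compare with the SHA256 line of `keytool -printcert`
  };
}

// Hypothetical helper: inspect every `ca` entry against the host of the request URL.
function auditTlsConfig(config, url, now = new Date()) {
  const host = new URL(url).hostname;
  return config.ca.map((entry, index) => ({ index, ...inspectCaEntry(entry, host, now) }));
}

console.log(auditTlsConfig(sampleConfig, 'https://test.duqingquan.com:13888/'));
```

Entries that are not inline PEM, such as the downloaded file-path entry, are reported as not inspected rather than silently passed.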