https
最近在使用https訪問時遇到證書的問題霜医,在調(diào)試的時候始終會提示證書不可用齿拂,于是查詢了一下,忽略證書的驗證肴敛;
方法一:
1.繼承SSLSocketFactory 署海,重寫里面的方法;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class SSLSocketFactoryImp extends SSLSocketFactory {
private SSLContext sslContext = SSLContext.getInstance("SSL");
private TrustManager trustManager = null;
public SSLContext getSSLContext() {
return sslContext;
}
public X509TrustManager getTrustManager() {
return (X509TrustManager)trustManager;
}
public SSLSocketFactoryImp(KeyStore keyStore) throws NoSuchAlgorithmException, KeyManagementException {
trustManager = new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
//注意這里不能返回null医男,否則會報錯,如下面錯誤[1]
X509Certificate[] x509Certificates = new X509Certificate[0];
return x509Certificates;
}
};
sslContext.init(null, new TrustManager[]{trustManager}, null);
}
@Override
public String[] getDefaultCipherSuites() {
return new String[0];
}
@Override
public String[] getSupportedCipherSuites() {
return new String[0];
}
@Override
public Socket createSocket() throws IOException {
return sslContext.getSocketFactory().createSocket();
}
@Override
public Socket createSocket(Socket socket, String host, int post, boolean autoClose) throws IOException {
return sslContext.getSocketFactory().createSocket(socket, host, post, autoClose);
}
@Override
public Socket createSocket(String s, int i) throws IOException, UnknownHostException {
return null;
}
@Override
public Socket createSocket(String s, int i, InetAddress inetAddress, int i1) throws IOException, UnknownHostException {
return null;
}
@Override
public Socket createSocket(InetAddress inetAddress, int i) throws IOException {
return null;
}
@Override
public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress1, int i1) throws IOException {
return null;
}
}
2.在相應(yīng)的地方調(diào)用,該方法中忽略了我的其他設(shè)置砸狞,只包含關(guān)于ssl的設(shè)置,不影響正常使用镀梭。
public static OkHttpClient getClient(Interceptor... interceptor) {
OkHttpClient.Builder builder = null;
try {
builder = new OkHttpClient.Builder();
//ssl verifier
KeyStore trustStore;
trustStore = KeyStore.getInstance(KeyStore
.getDefaultType());
trustStore.load(null, null);
SSLSocketFactoryImp ssl = new SSLSocketFactoryImp(KeyStore.getInstance(KeyStore.getDefaultType()));
HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
builder.sslSocketFactory(ssl.getSSLContext().getSocketFactory(), ssl.getTrustManager())
.hostnameVerifier(DO_NOT_VERIFY);
} catch (Exception e) {
e.printStackTrace();
}
return builder.build();
}
方法二:
直接利用SSLContext來設(shè)置
X509TrustManager xtm = new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
X509Certificate[] x509Certificates = new X509Certificate[0];
return x509Certificates;
}
};
SSLContext sslContext = null;
try {
sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, new TrustManager[]{xtm}, new SecureRandom());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
OkHttpClient okHttpClient = new OkHttpClient.Builder()
.addInterceptor(interceptor)
.sslSocketFactory(sslContext.getSocketFactory())
.hostnameVerifier(DO_NOT_VERIFY)
.build();
錯誤
上面說到如果
public X509Certificate[] getAcceptedIssuers() {
X509Certificate[] x509Certificates = new X509Certificate[0];
return x509Certificates;
}
返回null刀森,報錯如下:
AndroidRuntime( 9669): java.lang.RuntimeException: Unable to start activity ComponentInfo{com.xxxx.android/com.xxxxActivity}: java.lang.NullPointerException: Attempt to get length of null array
E/AndroidRuntime( 9669): at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2623)
E/AndroidRuntime( 9669): at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2687)
E/AndroidRuntime( 9669): at android.app.ActivityThread.access$800(ActivityThread.java:177)
E/AndroidRuntime( 9669): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1557)
E/AndroidRuntime( 9669): at android.os.Handler.dispatchMessage(Handler.java:111)
E/AndroidRuntime( 9669): at android.os.Looper.loop(Looper.java:199)
E/AndroidRuntime( 9669): at android.app.ActivityThread.main(ActivityThread.java:5755)
E/AndroidRuntime( 9669): at java.lang.reflect.Method.invoke(Native Method)
E/AndroidRuntime( 9669): at java.lang.reflect.Method.invoke(Method.java:372)
E/AndroidRuntime( 9669): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:982)
E/AndroidRuntime( 9669): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:777)
E/AndroidRuntime( 9669): Caused by: java.lang.NullPointerException: Attempt to get length of null array
E/AndroidRuntime( 9669): at okhttp3.internal.tls.RealTrustRootIndex.<init>(RealTrustRootIndex.java:31)
E/AndroidRuntime( 9669): at okhttp3.internal.Platform.trustRootIndex(Platform.java:100)
E/AndroidRuntime( 9669): at okhttp3.internal.Platform$Android.trustRootIndex(Platform.java:249)
E/AndroidRuntime( 9669): at okhttp3.OkHttpClient.<init>(OkHttpClient.java:189)
E/AndroidRuntime( 9669): at okhttp3.OkHttpClient.<init>(OkHttpClient.java:60)
E/AndroidRuntime( 9669): at okhttp3.OkHttpClient$Builder.build(OkHttpClient.java:718)
以上記錄,如有錯誤报账,還望留言指教研底!