Android ignore https certificate verification
通过Https访问的时候经常会遇到"Not trusted Server Certificate"的问题,有人说在3.0上面没有这个问题,可能已经改进了,在2.2及以前的版本中有这个问题。
开始想的是采用安装证书的方法(Trusting SSL certificates),最后也没有成功,不知道是证书的原因还是其他,有人说安装证书只能在WIFI上使用,没有找到官方文档,用户可能在GPRS上使用,只能放弃。
StackOverflow上也有相关的方案,我整理了一下。
我将注册的步骤封装到DefaultHttpClient子类中了,这样看上去更清晰一些,你也可以
直接实例化DefaultHttpClient的方法。
1. SchemeRegistry schemeRegistry = new SchemeRegistry(); schemeRegistry.register(new Scheme ("https", sslf, 443));
2. SingleClientConnManager cm = new
3. SingleClientConnManager(post.getParams(), schemeRegistry);
4. HttpClient client = new DefaultHttpClient(cm, post.getParams());
1. /**
2. * @author Brant
3. * @decription
4. */
5. public class SSLHttpClient extends DefaultHttpClient {
6.
7. @Override
8. protected ClientConnectionManager createClientConnectionManager() {
9. SchemeRegistry registry = new SchemeRegistry();
10. registry.register(new Scheme("http", PlainSocketFactory
11. .getSocketFactory(), 80));
//443是Https的默认端口,如果网站配置的端口不一样,这里要记着改一下
12. registry.register(new Scheme("https", new EasySSLSocketFactory(), 443));
13. return new SingleClientConnManager(getParams(), registry);
14.
15. }
16.
17. public static SSLHttpClient getInstance() {
18. SSLHttpClient client = new SSLHttpClient();
19. client.setCookieStore(mCookie);
20. return client;
21. }
22. }
EasySSLSocketFactory:
1. import java.io.IOException;
2. import java.net.InetAddress;
3. import java.net.InetSocketAddress;
4. import java.net.Socket;
5. import java.net.UnknownHostException;
6.
7. import javax.net.ssl.SSLContext;
8. import javax.net.ssl.SSLSocket;
9. import javax.net.ssl.TrustManager;
10.
11. import org.apache.http.conn.ConnectTimeoutException;
12. import org.apache.http.conn.scheme.LayeredSocketFactory;
13. import org.apache.http.conn.scheme.SocketFactory;
14. import org.apache.http.params.HttpConnectionParams;
15. import org.apache.http.params.HttpParams;
16.
17. /**
18. * This socket factory will create ssl socket that accepts self signed
19. * certificate
20. *
21. * @author olamy
22. * @version $Id: EasySSLSocketFactory.java 765355 2009-04-15 20:59:07Z evenisse
23. * $
24. * @since 1.2.3
25. */
26. public class EasySSLSocketFactory implements SocketFactory,
27. LayeredSocketFactory {
28.
29. private SSLContext sslcontext = null;
30.
31. private static SSLContext createEasySSLContext() throws IOException {
32. try {
33. SSLContext context = SSLContext.getInstance("TLS");
34. context.init(null, new TrustManager[] { new EasyX509TrustManager(
35. null) }, null);
36. return context;
37. } catch (Exception e) {
38. throw new IOException(e.getMessage());
39. }
40. }
41.
42. private SSLContext getSSLContext() throws IOException {
43. if (this.sslcontext == null) {
44. this.sslcontext = createEasySSLContext();
45. }
46. return this.sslcontext;
47. }
48.
49. /**
50. * @see org.apache.http.conn.scheme.SocketFactory#connectSocket(java.net.Socket,
51. * java.lang.String, int, java.net.InetAddress, int,
52. * org.apache.http.params.HttpParams)
53. */
54. public Socket connectSocket(Socket sock, String host, int port,
55. InetAddress localAddress, int localPort, HttpParams params)
56. throws IOException, UnknownHostException, ConnectTimeoutException {
57. int connTimeout = HttpConnectionParams.getConnectionTimeout(params);
58. int soTimeout = HttpConnectionParams.getSoTimeout(params);
59.
60. InetSocketAddress remoteAddress = new InetSocketAddress(host, port);
61. SSLSocket sslsock = (SSLSocket) ((sock != null) ? sock : createSocket());
62.
63. if ((localAddress != null) || (localPort > 0)) {
64. // we need to bind explicitly
65. if (localPort < 0) {
66. localPort = 0; // indicates "any"
67. }
68. InetSocketAddress isa = new InetSocketAddress(localAddress,
69. localPort);
70. sslsock.bind(isa);
71. }
72.
73. sslsock.connect(remoteAddress, connTimeout);
74. sslsock.setSoTimeout(soTimeout);
75.
补充:移动开发 , Android ,