Retrofit支持https
来源:互联网 发布:2018人工智能大会 编辑:程序博客网 时间:2024/06/05 22:46
1信任所有https请求
okHttpClient设置sslSocketFactory,hostnameVerifier
OkHttpClient okHttpClient = new OkHttpClient.Builder() .connectTimeout(5, TimeUnit.SECONDS) .readTimeout(10, TimeUnit.SECONDS) .sslSocketFactory(getSSLSocketFactory(),new TrustAllCerts()) .hostnameVerifier(getHostnameVerifier()) .build();Retrofit retrofit = new Retrofit.Builder().baseUrl(url) .client(okHttpClient) .addCallAdapterFactory(RxJava2CallAdapterFactory.create()) .addConverterFactory(GsonConverterFactory.create()) .build();
getSSLSocketFactory()方法如下:
public static SSLSocketFactory getSSLSocketFactory() { SSLSocketFactory ssfFactory = null; try { SSLContext sc = SSLContext.getInstance("TLS"); sc.init(null, new TrustManager[]{new CustomTrustManager()}, new SecureRandom()); ssfFactory = sc.getSocketFactory(); } catch (Exception e) { } return ssfFactory; }
其中CustomTrustManager类很简单只需实现X509TrustManager
public class CustomTrustManager implements X509TrustManager{ @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }}
getHostnameVerifier()如下,return true就可以
public static HostnameVerifier getHostnameVerifier() { HostnameVerifier hostnameVerifier= new HostnameVerifier() { public boolean verify(String hostname, SSLSession session) { return true; } }; return hostnameVerifier; }
2信任证书和指定的url地址
改动上面getSSLSocketFactory(),getHostnameVerifier()方法即可,代码如下:
public static int[] certificates = {R.raw.mycer}; protected static SSLSocketFactory getSSLSocketFactory(Context context, int[] certificates) { if (context == null) { throw new NullPointerException("context == null"); } CertificateFactory certificateFactory; SSLContext sslContext=null; try { certificateFactory = CertificateFactory.getInstance("X.509"); KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(null, null); for (int i = 0; i < certificates.length; i++) { InputStream certificate = context.getResources().openRawResource(certificates[i]); keyStore.setCertificateEntry(String.valueOf(i), certificateFactory.generateCertificate(certificate)); if (certificate != null) { certificate.close(); } } sslContext = SSLContext.getInstance("TLS"); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(keyStore); sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom()); }catch (Exception e){ e.printStackTrace(); } return sslContext.getSocketFactory(); }
R.raw.mycer是自行导入在res/raw/Mycer.cer证书,如图
getHostnameVerifier()代码如下
public static String urls[] = {"url1","url2"}; public static HostnameVerifier getHostnameVerifier() { HostnameVerifier hostnameVerifier = new HostnameVerifier() { public boolean verify(String hostname, SSLSession session) { boolean verifier = false; for (String host : urls) { if (host.equalsIgnoreCase(hostname)) { verifier = true; } } return verifier; } }; return hostnameVerifier; }
上面public static String urls[] = {“url1”,”url2”},url1,url2是你需要信任的服务器地址,例如上方new Retrofit.Builder().baseUrl(url)中url=”https://test2-mytest.com:8888/mytest/”,url1相对应就是test2-mytest.com,验证时会自动去掉https。
上述四个方法可任意组合,信任指定路径,或者所有路径,带证书或者不带证书。
阅读全文
0 0
- retrofit支持https
- Retrofit支持https
- Retrofit 2.0 超能实践,完美支持Https传输
- Retrofit 2.0 超能实践,完美支持Https传输
- Retrofit Https请求
- 使用Retrofit Https请求
- Retrofit实现HTTPS请求
- Retrofit 2.0 超能实践(一),okHttp完美支持Https传输
- Retrofit 2.0 超能实践(一),完美支持加密Https传输
- okhttp/Retrofit-rxJava加入数字证书支持HTTPS 实现单向及双向验证
- Retrofit忽略Https安全验证
- 基于Retrofit实现HTTPS思路
- Retrofit中如何正确的使用https?
- 谈谈Retrofit连接https证书问题
- Retrofit 2.0 https的应用,以及实践
- 关于Retrofit使用HTTPS的相关问题
- retrofit遇上https自签名证书
- 关于Retrofit使用HTTPS的相关问题
- STM32F407(7)
- 什么是静态、动态、伪静态【转于百度知道的答案】
- Spring教程第二篇:Spring-Test(单元测试)
- 淘淘商城-传智播客J2EE的实践项目-1.简介
- 时针分针角度问题1094.Clock
- Retrofit支持https
- 自定义控件三角绕圆圈
- Genymotion在win10上遇到的坑
- FPGA烧录【pof文件】【sof文件】
- ehcache配置小记
- 《深入理解Linux内核》-3.2. 进程描述符
- 购物车的增删改查
- SQL SERVER 2008 系列问题:无法访问,混合模式
- angularJS密码输入