HttpsURLConnection和DefaultHttpClient连接HTTPS不用证书
来源:互联网 发布:c语言99乘法表右下三角 编辑:程序博客网 时间:2024/06/05 00:48
android开发可以用key连接https地址,但是没有key的时候也可以用如下的办法信任任何主机连接https地址:
一 HttpsURLConnection:
import java.security.SecureRandom; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSession; import javax.net.ssl.X509TrustManager; private void trustEveryone() { try { HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier(){ public boolean verify(String hostname, SSLSession session) { return true; }}); SSLContext context = SSLContext.getInstance("TLS"); context.init(null, new X509TrustManager[]{new X509TrustManager(){ public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {} public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {} public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }}}, new SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory( context.getSocketFactory()); } catch (Exception e) { // should never happen e.printStackTrace(); } }
二 DefaultHttpClient
在android中的SSLSocketFactory中有这样一个构造函数:
/**
* Constructs an HttpClient SSLSocketFactory backed by the given JSSE
* SSLSocketFactory.
*
* @hide
*/
public SSLSocketFactory(javax.net.ssl.SSLSocketFactory socketfactory) {
super();
this.sslcontext = null;
this.socketfactory = socketfactory;
this.nameResolver = null;
}
但是是hide的。所以把SSLSocketFactory源码复制出来放开了了这个函数。命名为MySSLSocketFactory。如下可以构造一个MySSLSocketFactory:
private MySSLSocketFactory newSslSocketFactory() {try {SSLContext context = SSLContext.getInstance("TLS");context.init(null, new X509TrustManager[] { new X509TrustManager() {public void checkClientTrusted(X509Certificate[] chain,String authType) throws CertificateException {}public void checkServerTrusted(X509Certificate[] chain,String authType) throws CertificateException {}public X509Certificate[] getAcceptedIssuers() {return new X509Certificate[0];}} }, new SecureRandom());// Pass the keystore to the SSLSocketFactory. The factory is// responsible// for the verification of the server certificate.MySSLSocketFactory sf = new MySSLSocketFactory(context.getSocketFactory());// Hostname verification from certificate// http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506sf.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);return sf;} catch (Exception e) {throw new AssertionError(e);}}
这样也解决了在android中用DefaultHttpClient连接https的问题。
- HttpsURLConnection和DefaultHttpClient连接HTTPS不用证书
- android https HttpsURLConnection 忽略证书
- HttpsURLConnection访问HTTPS链接时信任所有证书
- httpClient 连接 https + 证书连接
- Java https请求 HttpsURLConnection
- Java https请求 HttpsURLConnection
- HttpsUrlConnection https双向验证
- JAVA HTTPS请求 HttpsURLConnection
- https 的 HttpsURLConnection
- Https-HttpsURLConnection 配置
- Android HttpsUrlConnection HTTPS
- 关于JAVA发送Https请求(HttpsURLConnection和HttpURLConnection)
- Java用HttpsURLConnection访问https网站的时候如何跳过SSL证书的验证?
- HTTPS和证书原理
- https和证书
- 关于 Https 和证书
- HTTPS 和 证书
- 我的Android进阶之旅------>Android关于HttpsURLConnection一个忽略Https证书是否正确的Https请求工具类
- jstl中fn表达式的应用
- 固定文本的国际化
- Deverpress中的TreeList用法
- 如何学好C语言
- Javascript 字符串转日期
- HttpsURLConnection和DefaultHttpClient连接HTTPS不用证书
- 64位下PL/SQL连接Oracle
- JSTL国际化
- 游标的使用
- vc中常见字符类型的讨论
- java内存泄漏原因分析及解决方法
- 『只读经典』机器学习与人工智能书籍资源导引
- 面向对象之继承和组合浅谈
- 18、从头学Android之BroadcastReceiver