android 实现https通讯,通过读取cer或pfx证书
来源:互联网 发布:python for mac 安装 编辑:程序博客网 时间:2024/04/27 17:14
1. 通过pfx证书实现https请求
准备好xxx.pfx证书(如放在assets目录下) 准好证书的私钥密码
代码实现如下:
public static final String CLIENT_KET_PASSWORD="123456"; KeyStore trustStore = KeyStore.getInstance("PKCS12", "BC"); trustStore.load(MainActivity.this.getAssets().open("xxxx.pfx"), CLIENT_KET_PASSWORD.toCharArray()); org.apache.http.conn.ssl.SSLSocketFactory sf = new SSLSocketFactoryEx(trustStore, CLIENT_KET_PASSWORD.toCharArray()); sf.setHostnameVerifier(org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); HttpParams params = new BasicHttpParams(); HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); HttpProtocolParams.setContentCharset(params, "utf-8"); SchemeRegistry registry = new SchemeRegistry(); registry.register(new Scheme("http", PlainSocketFactory .getSocketFactory(), 80)); registry.register(new Scheme("https", sf, 443)); HttpClient client = null; String msg = ""; try { ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry); client = new DefaultHttpClient(ccm, params); HttpGet hg = new HttpGet(url); HttpResponse response = client.execute(hg); HttpEntity entity = response.getEntity(); if (entity != null) { InputStream instreams = entity.getContent(); msg = convertStreamToString(instreams); } Log.d("result",msg); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); } **并且需要自定义SSLSocketFactory类**public class SSLSocketFactoryEx extends SSLSocketFactory{ SSLContext sslContext = SSLContext.getInstance("TLS"); public SSLSocketFactoryEx(KeyStore truststore, char[] arry) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { super(truststore); KeyManagerFactory localKeyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory .getDefaultAlgorithm()); localKeyManagerFactory.init(truststore, arry); KeyManager[] arrayOfKeyManager = localKeyManagerFactory.getKeyManagers(); TrustManager tm = new X509TrustManager() { @Override public X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } }; sslContext.init(arrayOfKeyManager, new TrustManager[] { tm }, new java.security.SecureRandom()); } @Override public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException { return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose); } @Override public Socket createSocket() throws IOException { return sslContext.getSocketFactory().createSocket(); }}
2.通过cer证书实现https请求
/** * HttpsURLConnection 实现https请求 */ private void starHttpsCer(String urlStr) { HttpsURLConnection conn = null; try { URL url = new URL(urlStr); conn = (HttpsURLConnection) url.openConnection(); conn.setSSLSocketFactory(setCertificates(MainActivity.this.getAssets().open("xxx.cer"))); conn.connect(); if(conn.getResponseCode() == 200) { InputStream is = conn.getInputStream(); ByteArrayOutputStream bytestream = new ByteArrayOutputStream(); int ch; while ((ch = is.read()) != -1) { bytestream.write(ch); } is.close(); conn.disconnect(); byte[] result = bytestream.toByteArray(); Log.d("result",new String(result)); } } catch (Exception e){ e.printStackTrace(); } }public SSLSocketFactory setCertificates(InputStream... certificates){ try{ //证书工厂。此处指明证书的类型 CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); //创建一个证书库 KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(null); int index = 0; for (InputStream certificate : certificates){ String certificateAlias = Integer.toString(index++); //将证书导入证书库 keyStore.setCertificateEntry(certificateAlias, certificateFactory.generateCertificate(certificate)); try{ if (certificate != null) certificate.close(); } catch (IOException e){ e.printStackTrace() ; } } //取得SSL的SSLContext实例 SSLContext sslContext = SSLContext.getInstance("TLS"); TrustManagerFactory trustManagerFactory = TrustManagerFactory. getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(keyStore);// //初始化keystore// KeyStore clientKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());// clientKeyStore.load(getAssets().open("client.jks"), "123456".toCharArray());//// KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());// keyManagerFactory.init(clientKeyStore, "123456".toCharArray());// 第一个参数是授权的密钥管理器,用来授权验证。TrustManager[]第二个是被授权的证书管理器,用来验证服务器端的证书。第三个参数是一个随机数值,可以填写null sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());// sslContext.init(null, null, new SecureRandom()); return sslContext.getSocketFactory() ; } catch (Exception e){ e.printStackTrace(); } return null ; }
注:
如果手机上开了网络代理,有可能遇上请求失败,请关闭代理后重试
0 0
- android 实现https通讯,通过读取cer或pfx证书
- android https通过加载pfx证书获取数据
- 公钥证书cer,pfx
- 关于pfx证书和cer证书
- HttpClient用证书Https cer
- java https 导入cer证书
- maven编译证书后证书变大too big pfx,cer
- 从自签名证书导出pfx和cer证书
- cer, pfx 创建,并且读取公钥/密钥,加解密 (C#程序实现)
- cer, pfx 创建,并且读取公钥/密钥,加解密 (C#程序实现)
- cer, pfx 创建,并且读取公钥/密钥,加解密 (C#程序实现) 【笔记】
- cer, pfx 创建,并且读取公钥/密钥,加解密 (C#程序实现)
- 证书,jks、pfx和cer后缀都是什么文件
- 证书,jks、pfx和cer后缀都是什么文件
- Android cer ssl 安全证书 https Android(cacerts.bks)添加根证书
- android通过生成bks证书来访问https的实现
- Maven编译后证书字节变大,too big pfx,导致解密失败,cer,pfx
- 【下载https协议需要的cer证书】
- 窗口重绘的三个函数
- volatile的一些理解
- 【Java笔试题】输出数组中所有元素组成的最小整数
- 教你编译PHP7 (nginx+mysql+php7)
- 解析json数据(一)
- android 实现https通讯,通过读取cer或pfx证书
- C语言再学习 -- 常用快捷键
- Android Studio上实现一个最简单的ndk项目的步骤
- camera 原理
- 微信小程序学习(9)-progress进度条
- 二维数组
- GPIO简介
- Android 点击外部软键盘隐藏寻找最优解
- Material Design——CardView的简单使用