https 证书验证 okhttp https设置

自制https证书

需要验证.

okhttp不验证直接通过通过所有的https连接

代码如下

 public void getONetWorkString() {        OkHttpClient build = new OkHttpClient.Builder()                .sslSocketFactory(createSSLSocketFactory())                                                       .hostnameVerifier(new TrustAllHostnameVerifier())                                                       .build();        String        url     = "https://www.12306.cn/mormhweb/";//带https的网址        final Request request = new Request.Builder().url(url).build();        Call          call    = build.newCall(request);        call.enqueue(new Callback() {            @Override            public void onFailure(Call call, IOException e) {                Log.i("joker", e.getMessage());            }            @Override            public void onResponse(Call call, Response response)                    throws IOException            {                String res = response.body().string();                Log.e("joker",res);            }        });    }    private static class TrustAllCerts implements X509TrustManager {        @Override        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}        @Override        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {}        @Override        public X509Certificate[] getAcceptedIssuers() {return new X509Certificate[0];}    }    private static class TrustAllHostnameVerifier implements HostnameVerifier {        @Override        public boolean verify(String hostname, SSLSession session) {            return true;        }    }    private static SSLSocketFactory createSSLSocketFactory() {        SSLSocketFactory ssfFactory = null;        try {            SSLContext sc = SSLContext.getInstance("TLS");            sc.init(null,  new TrustManager[] { new TrustAllCerts() }, new SecureRandom());            ssfFactory = sc.getSocketFactory();        } catch (Exception e) {        }        return ssfFactory;    }

app带证书验证

 public void getNetWorkString() {        String        url     = "https://www.12306.cn/mormhweb/";//带https的网址        final Request request = new Request.Builder().url(url).build();        Call          call    = setCard().newCall(request);        call.enqueue(new Callback() {            @Override            public void onFailure(Call call, final IOException e) {                runOnUiThread(new Runnable() {                    @Override                    public void run() {                        Toast.makeText(MainActivity.this,e.getMessage(),Toast.LENGTH_LONG).show();                    }                });                Log.i("joker", e.getMessage());            }            @Override            public void onResponse(Call call, Response response)                    throws IOException            {                final String res = response.body().string();                Log.e("joker",res);                runOnUiThread(new Runnable() {                    @Override                    public void run() {                        Toast.makeText(MainActivity.this,res,Toast.LENGTH_LONG).show();                    }                });            }        });    }

 public OkHttpClient setCard() {        OkHttpClient.Builder builder = new OkHttpClient.Builder();        try {            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");            KeyStore           keyStore           = KeyStore.getInstance(KeyStore.getDefaultType());            keyStore.load(null);            String certificateAlias = Integer.toString(0);            keyStore.setCertificateEntry(certificateAlias, certificateFactory.generateCertificate(getAssets().open("daodianwang.cer")));//拷贝好的证书            SSLContext sslContext = SSLContext.getInstance("TLS");            final TrustManagerFactory trustManagerFactory =                    TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());            trustManagerFactory.init(keyStore);            sslContext.init                    (                            null,                            trustManagerFactory.getTrustManagers(),                            new SecureRandom()                    );            builder.sslSocketFactory(sslContext.getSocketFactory());            builder.hostnameVerifier(new HostnameVerifier() {                @Override                public boolean verify(String s, SSLSession sslSession) {                    return true;                }            });        } catch (Exception e) {            e.printStackTrace();        }        return builder.build();    }

okhttp用的是最新版本3.5的

用证书这里有个深坑.

用360浏览器导出的证书可以生效

然而用UC浏览器导出的证书居然不可以生效.简直不忍直视.坑爆了.代码是可行的.

asyncHttpClient 用https的配置

不验证简单到不能再简单了

AsyncHttpClient client = new AsyncHttpClient(true,80,443);

或者

AsyncHttpClient client = new AsyncHttpClient();client.setSSLSocketFactory(MySSLSocketFactory.getFixedSocketFactory());