使用Https进行网络访问

来源：互联网发布：平衡流量计计算软件编辑：程序博客网时间：2024/04/29 23:26

添加网络权限

 <uses-permission android:name="android.permission.INTERNET" />

有安全证书的SSLContext

public static SSLContext getSSLContextWithCer() throws NoSuchAlgorithmException, IOException, CertificateException,            KeyStoreException, UnrecoverableKeyException, KeyManagementException {        // 实例化SSLContext        SSLContext sslContext = SSLContext.getInstance("SSL");        // 从assets中加载证书，在HTTPS通讯中最常用的是cer/crt和pem        InputStream inStream = MyApplication.getApplication().getAssets().open("zhoujian.cer");        /*         * X.509 标准规定了证书可以包含什么信息，并说明了记录信息的方法 常见的X.509证书格式包括：         * cer/crt是用于存放证书，它是2进制形式存放的，不含私钥。         * pem跟crt/cer的区别是它以Ascii来表示，可以用于存放证书或私钥。         */        // 证书工厂        CertificateFactory cerFactory = CertificateFactory.getInstance("X.509");        Certificate cer = cerFactory.generateCertificate(inStream);        // 密钥库        //Pkcs12也是证书格式 PKCS#12是“个人信息交换语法”。它可以用来将x.509的证书和证书对应的私钥打包，进行交换。        KeyStore keyStory = KeyStore.getInstance("PKCS12");        keyStory.load(null, null);        // 加载证书到密钥库中        keyStory.setCertificateEntry("ass", cer);        // 密钥管理器        KeyManagerFactory kMFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());        kMFactory.init(keyStory, null);        // 信任管理器        TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());        tmFactory.init(keyStory);        //初始化sslContext        sslContext.init(kMFactory.getKeyManagers(), tmFactory.getTrustManagers(), new SecureRandom());        inStream.close();        return sslContext;    }

没有安全证书的SSLContext

public static SSLContext getSSLContextWithoutCer() throws NoSuchAlgorithmException, KeyManagementException {        // 实例化SSLContext        // 这里参数可以用TSL 也可以用SSL        SSLContext sslContext = SSLContext.getInstance("SSL");        sslContext.init(null, new TrustManager[] { trustManagers }, new SecureRandom());        return sslContext;    }    private static TrustManager trustManagers = new X509TrustManager() {        @Override        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {        }        @Override        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {        }        @Override        public X509Certificate[] getAcceptedIssuers() {            return new X509Certificate[0];        }    };

网络请求的核心代码

package com.zhoujian.https;import android.app.Activity;import android.os.Bundle;import android.util.Log;import java.io.IOException;import java.io.InputStream;import java.net.HttpURLConnection;import java.net.URL;import java.security.KeyManagementException;import java.security.KeyStoreException;import java.security.NoSuchAlgorithmException;import java.security.UnrecoverableKeyException;import java.security.cert.CertificateException;import javax.net.ssl.HttpsURLConnection;import javax.net.ssl.SSLContext;import javax.net.ssl.SSLSocketFactory;public class MainActivity extends Activity{    @Override    protected void onCreate(Bundle savedInstanceState)    {        super.onCreate(savedInstanceState);        setContentView(R.layout.activity_main);        new Thread()        {            public void run()            {                try                {                    getConnection();                }                catch (Exception e)                {                    e.printStackTrace();                }            }        }.start();    }    private void getConnection() throws IOException, KeyManagementException, NoSuchAlgorithmException,            UnrecoverableKeyException, CertificateException, KeyStoreException {        // https://github.com/zeke123/ConstraintLayout        // http://my.csdn.net/my/mycsdn        URL url = new URL("https://github.com/zeke123/ConstraintLayout");        HttpURLConnection connection = (HttpURLConnection) url.openConnection();        connection.setConnectTimeout(5 * 1000);        connection.setReadTimeout(5 * 1000);        connection.setRequestMethod("GET");        Log.e("zhoujian", "url==" + url);        Log.e("zhoujian", " 是否是https请求==" + (connection instanceof HttpsURLConnection));        if (connection instanceof HttpsURLConnection) {            //得到sslContext对象，有两种情况：1.需要安全证书，2.不需要安全证书            SSLContext sslContext = HttpsUtil.getSSLContextWithCer();             //SSLContext sslContext = HttpsUtil.getSSLContextWithoutCer();            if (sslContext != null) {                SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();               ((HttpsURLConnection) connection).setDefaultSSLSocketFactory(sslSocketFactory);                //((HttpsURLConnection) connection).setHostnameVerifier(HttpsUtil.hostnameVerifier);            }        }        int responseCode = connection.getResponseCode();        Log.e("zhoujian", "responseCode==" + responseCode);        if (responseCode == 200) {            InputStream is = connection.getInputStream();            Log.e("zhoujian", "is==" + is);            is.close();        }        connection.disconnect();    }}

使用Https进行网络访问

添加网络权限

有安全证书的SSLContext

没有安全证书的SSLContext

网络请求的核心代码

使用Https请求网络

不使用Https请求网络

源码下载