Android 访问不受信任的HTTPS，无需证书

httpClient 4.0以上的版本貌似已经没有支持访问不受信任的https站点，所以只能退到httpClient 3.0

1. 需要用到的jar包

commons-codec-1.4.jar

commons-httpcient-3.0.jar

commons-logging-4.0.6.jar

2.调用连接的代码，注意android支持TLS,目前好像不支持SSL

HttpClient httpClient = new HttpClient();
        httpClient.getHttpConnectionManager().getParams().setConnectionTimeout(timeoutConnection);
        httpClient.getHttpConnectionManager().getParams().setSoTimeout(timeoutSocket);
        supportSSL(url, httpClient);
        PostMethod postMethod = new PostMethod(url);
        postMethod.setRequestBody(reqEntity.getContent());
        int statusCode = 0;
        try
        {
            statusCode = httpClient.executeMethod(postMethod);
        }
        catch (Exception e)
        {
            e.printStackTrace();
        }

        InputStream input = null;
        if (statusCode == 200)
        {
            try
            {
                input = postMethod.getResponseBodyAsStream();
            }
            catch (IOException e)
            {
                e.printStackTrace();
            }
        }

        return input;
    }

    /**
     * 支持所有不信任站点HTTPS的访问 author gegaosong
     */
    private static void supportSSL(String url, HttpClient client)
    {

        try
        {
            setSSLProtocol(url, client);
        }
        catch (Exception e)
        {
            e.printStackTrace();
        }
        Security.setProperty("ssl.SocketFactory.provider", "com.tool.util.DummySSLSocketFactory");
    }

    private static void setSSLProtocol(String strUrl, HttpClient client) throws Exception
    {

        URL url = new URL(strUrl);
        String host = url.getHost();
        int port = url.getPort();

        if (port <= 0)
        {
            port = 443;
        }
        // 自定义的管理器
        X509TrustManager xtm = new TrustAnyTrustManager();
        TrustManager mytm[] =
        {
            xtm
        };
        // 得到上下文
        SSLContext ctx = SSLContext.getInstance("TLS");
        // 初始化
        ctx.init(null, mytm, null);
        // 获得工厂
        SSLSocketFactory factory = ctx.getSocketFactory();

        Protocol authhttps = new Protocol("https", new ClickooSecureProtocolSocketFactory(), port);
        Protocol.registerProtocol("https", authhttps);
        // set https protocol
        client.getHostConfiguration().setHost(host, port, authhttps);
    }

用到的一些验证类：

import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketAddress;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;

import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;

import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;

public class ClSecureProtocolSocketFactory implements SecureProtocolSocketFactory
{
    private SSLContext sslcontext = null;

    private SSLContext createSSLContext()
    {
        SSLContext sslcontext = null;
        try
        {
            sslcontext = SSLContext.getInstance("TLS");
            sslcontext.init(null, new TrustManager[]
            {
                new TrustAnyTrustManager()
            }, new java.security.SecureRandom());
        }
        catch (NoSuchAlgorithmException e)
        {
            e.printStackTrace();
        }
        catch (KeyManagementException e)
        {
            e.printStackTrace();
        }
        return sslcontext;
    }

    private SSLContext getSSLContext()
    {
        if (this.sslcontext == null)
        {
            this.sslcontext = createSSLContext();
        }
        return this.sslcontext;
    }

    public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException
    {
        return getSSLContext().getSocketFactory().createSocket(socket, host, port, autoClose);
    }

    public Socket createSocket(String host, int port) throws IOException, UnknownHostException
    {
        return getSSLContext().getSocketFactory().createSocket(host, port);
    }

    public Socket createSocket(String host, int port, InetAddress clientHost, int clientPort) throws IOException, UnknownHostException
    {
        return getSSLContext().getSocketFactory().createSocket(host, port, clientHost, clientPort);
    }

    public Socket createSocket(String host, int port, InetAddress localAddress, int localPort, HttpConnectionParams params) throws IOException, UnknownHostException, ConnectTimeoutException
    {
        if (params == null)
        {
            throw new IllegalArgumentException("Parameters may not be null");
        }
        int timeout = params.getConnectionTimeout();
        SocketFactory socketfactory = getSSLContext().getSocketFactory();
        if (timeout == 0)
        {
            return socketfactory.createSocket(host, port, localAddress, localPort);
        }
        else
        {
            Socket socket = socketfactory.createSocket();
            SocketAddress localaddr = new InetSocketAddress(localAddress, localPort);
            SocketAddress remoteaddr = new InetSocketAddress(host, port);
            socket.bind(localaddr);
            socket.connect(remoteaddr, timeout);
            return socket;
        }
    }

}

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.X509TrustManager;

public  class TrustAnyTrustManager implements X509TrustManager
{

    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException
    {
    }

    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException
    {
    }

    public X509Certificate[] getAcceptedIssuers()
    {
        return new X509Certificate[]
        {};
    }
}