自制https证书
需要验证.
okhttp不验证直接通过通过所有的https连接
代码如下
public void getONetWorkString() {
OkHttpClient build = new OkHttpClient.Builder()
.sslSocketFactory(createSSLSocketFactory())
.hostnameVerifier(new TrustAllHostnameVerifier())
.build();
String url = "https://www.12306.cn/mormhweb/";//带https的网址
final Request request = new Request.Builder().url(url).build();
Call call = build.newCall(request);
call.enqueue(new Callback() {
@Override
public void onFailure(Call call, IOException e) {
Log.i("joker", e.getMessage());
}
@Override
public void onResponse(Call call, Response response)
throws IOException
{
String res = response.body().string();
Log.e("joker",res);
}
});
}
private static class TrustAllCerts implements X509TrustManager {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {}
@Override
public X509Certificate[] getAcceptedIssuers() {return new X509Certificate[0];}
}
private static class TrustAllHostnameVerifier implements HostnameVerifier {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
}
private static SSLSocketFactory createSSLSocketFactory() {
SSLSocketFactory ssfFactory = null;
try {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, new TrustManager[] { new TrustAllCerts() }, new SecureRandom());
ssfFactory = sc.getSocketFactory();
} catch (Exception e) {
}
return ssfFactory;
}
app带证书验证
public void getNetWorkString() {
String url = "https://www.12306.cn/mormhweb/";//带https的网址
final Request request = new Request.Builder().url(url).build();
Call call = setCard().newCall(request);
call.enqueue(new Callback() {
@Override
public void onFailure(Call call, final IOException e) {
runOnUiThread(new Runnable() {
@Override
public void run() {
Toast.makeText(MainActivity.this,e.getMessage(),Toast.LENGTH_LONG).show();
}
});
Log.i("joker", e.getMessage());
}
@Override
public void onResponse(Call call, Response response)
throws IOException
{
final String res = response.body().string();
Log.e("joker",res);
runOnUiThread(new Runnable() {
@Override
public void run() {
Toast.makeText(MainActivity.this,res,Toast.LENGTH_LONG).show();
}
});
}
});
}
public OkHttpClient setCard() {
OkHttpClient.Builder builder = new OkHttpClient.Builder();
try {
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null);
String certificateAlias = Integer.toString(0);
keyStore.setCertificateEntry(certificateAlias, certificateFactory.generateCertificate(getAssets().open("daodianwang.cer")));//拷贝好的证书
SSLContext sslContext = SSLContext.getInstance("TLS");
final TrustManagerFactory trustManagerFactory =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
sslContext.init
(
null,
trustManagerFactory.getTrustManagers(),
new SecureRandom()
);
builder.sslSocketFactory(sslContext.getSocketFactory());
builder.hostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String s, SSLSession sslSession) {
return true;
}
});
} catch (Exception e) {
e.printStackTrace();
}
return builder.build();
}
okhttp用的是最新版本3.5的
用证书这里有个深坑.
用360浏览器导出的证书可以生效
然而用UC浏览器导出的证书居然不可以生效.简直不忍直视.坑爆了.代码是可行的.
asyncHttpClient 用https的配置
不验证简单到不能再简单了
AsyncHttpClient client = new AsyncHttpClient(true,80,443);或者
AsyncHttpClient client = new AsyncHttpClient(); client.setSSLSocketFactory(MySSLSocketFactory.getFixedSocketFactory());