最近在跟后台交互的时候发现,后台基于安全考虑使用了https的通信。但是当安卓端使用OkHttp框架像平时一般请求访
问网络时则会出现如下错误:
javax.net.ssl.SSLHandshakeException:
java.security.cert.CertPathValidatorException:
Trust anchor for certification path not found.
查阅了很多资料后我才发现,这是网站证书的认证存在安全问题。在看了很多代码之后,我将其汇总在一个HttpUtils工具类中,以方便使用。
具体解决方法如下:
public static OkHttpClient getUnsafeOkHttpClient() throws NoSuchAlgorithmException,
KeyManagementException {
try {
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] x509Certificates, String s)
throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] x509Certificates, String s)
throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
} ;
final SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, trustAllCerts, new SecureRandom());
final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
OkHttpClient.Builder builder = new OkHttpClient.Builder();
builder.sslSocketFactory(sslSocketFactory);
builder.hostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String s, SSLSession sslSession) {
return true;
}
});
return builder.build();
} catch (Exception e) {
throw new RuntimeException(e);
}
}
这个方法返回了一个OkHttpClient对象,并且为其实现了对所有网站证书安全性的认证,以此对象去访问网络便可以解决上述错误。