Android https踩坑(1)Android无法访问自签名证书的服务器
关于https中自签名证书的介绍以及OkHttp中解决自签名证书问题,可以参考鸿洋的这篇博客http://blog.csdn.net/lmj623565791/article/details/48129405 本文主要介绍okhttp,glide,webview中无法访问使用自签名证书服务器的问题。
OkHttp
关于OkHttp可以参考鸿神的博客http://blog.csdn.net/lmj623565791/article/details/48129405,里面有更详尽的介绍,这里我只介绍下我使用的方式,核心是为任意https证书添加信任。
1.创建OkHttpClient时添加如下两项
mOkHttpClient = new OkHttpClient.Builder()
.sslSocketFactory(HttpUtils.createSSLSocketFactory())
.hostnameVerifier(new HttpUtils.TrustAllHostnameVerifier())
.build();
2.HttpUtils中几个方法如下:
@SuppressLint("TrulyRandom")
public static SSLSocketFactory createSSLSocketFactory() {
SSLSocketFactory sSLSocketFactory = null;
try {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, new TrustManager[]{new TrustAllManager()},
new SecureRandom());
sSLSocketFactory = sc.getSocketFactory();
} catch (Exception e) {
}
return sSLSocketFactory;
}
public static class TrustAllManager implements X509TrustManager {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType)
throws java.security.cert.CertificateException {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws java.security.cert.CertificateException {
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[0];
}
}
public static class TrustAllHostnameVerifier implements HostnameVerifier {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
}
Glide
待续
webview
待续