HttpClient
KeyStore keyStore; URI url = null; HttpGet req = null;
try{ //获取asset文件夹下的证书 AssetManager am = mContext.getAssets(); InputStream ins = am.open("my.crt"); //证书格式转换 IE 工具->internet->内容->证书
try { //读取证书 CertificateFactory cerFactory = CertificateFactory.getInstance("X.509"); //证书工厂。此处指明证书的类型 Certificate cer = cerFactory.generateCertificate(ins); //创建一个证书库,并将证书导入证书库 keyStore = KeyStore.getInstance("PKCS12", "BC"); //问2 http://www.csdn.net/article/2015-01-06/2823434 keyStore.load(null, null); keyStore.setCertificateEntry("trust", cer); } finally { ins.close(); } //把咱的证书库作为信任证书库 SSLSocketFactory socketFactory = new SSLSocketFactory(keyStore); Scheme sch = new Scheme("https", socketFactory, 443); //完工 HttpClient mHttpClient = new DefaultHttpClient(); mHttpClient.getConnectionManager().getSchemeRegistry().register(sch); url = new URI(gm.url+gm.param); //url = new URI(gm.url+gm.param); req = new HttpGet(url); HttpGet requestGet = new HttpGet(url); HttpResponse httpResponse = mHttpClient.execute(requestGet); if (httpResponse.getStatusLine().getStatusCode() == 200) { HttpEntity httpEntity = httpResponse.getEntity(); result = EntityUtils.toString(httpEntity); result = result.replaceAll("\r", ""); } }catch (Exception e){ }
HttpsURLConnection
CertificateFactory cf = CertificateFactory.getInstance("X.509"); // From // https://www.washington.edu/itconnect/security/ca/load-der.crt InputStream caInput = mContext.getAssets().open("_.lianluo.com_bundle.crt"); //InputStream caInput = mContext.getAssets().open("nginx.crt"); Certificate ca; try { ca = cf.generateCertificate(caInput); } finally { caInput.close(); } // Create a KeyStore containing our trusted CAs String keyStoreType = KeyStore.getDefaultType(); KeyStore keyStore = KeyStore.getInstance(keyStoreType); keyStore.load(null, null); keyStore.setCertificateEntry("ca", ca); // Create a TrustManager that trusts the CAs in our KeyStore String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm(); TrustManagerFactory tmf = TrustManagerFactory .getInstance(tmfAlgorithm); tmf.init(keyStore); // Create an SSLContext that uses our TrustManager SSLContext context = SSLContext.getInstance("TLS"); context.init(null, tmf.getTrustManagers(), null); URL url = new URL(path); HttpsURLConnection urlConnection = (HttpsURLConnection) url .openConnection(); // urlConnection.setConnectTimeout(5 * 1000); urlConnection.setRequestMethod("GET"); // urlConnection.setSSLSocketFactory(context.getSocketFactory()); InputStream in = urlConnection.getInputStream(); if(urlConnection.getResponseCode() == HttpURLConnection.HTTP_OK){ return readStream(in); }