接上篇配置阿里云服务器tomcat的https证书配置,APP前端也全面转https。
由于用的volley框架,经度娘指导发现volley支持https,可以省下不少工作量,但要做一些修改,这里是参考其他的人,谢谢这些大神!
public class FakeX509TrustManager implements X509TrustManager { private static TrustManager[] trustManagers; private static final X509Certificate[] _AcceptedIssuers = new X509Certificate[] {}; @Override public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws java.security.cert.CertificateException { //To change body of implemented methods use File | Settings | File Templates. } @Override public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws java.security.cert.CertificateException { //To change body of implemented methods use File | Settings | File Templates. } public boolean isClientTrusted(X509Certificate[] chain) { return true; } public boolean isServerTrusted(X509Certificate[] chain) { return true; } @Override public X509Certificate[] getAcceptedIssuers() { return _AcceptedIssuers; } public static void allowAllSSL() { HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String arg0, SSLSession arg1) { // TODO Auto-generated method stub return true; } }); SSLContext context = null; if (trustManagers == null) { trustManagers = new TrustManager[] { new FakeX509TrustManager() }; } try { context = SSLContext.getInstance("TLS"); context.init(null, trustManagers, new SecureRandom()); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (KeyManagementException e) { e.printStackTrace(); } HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory()); } }
然后在volley请求前设置
FakeX509TrustManager.allowAllSSL(); StringRequest stringRequest = new StringRequest(volleyMethod,urlMsg.path(), new Response.Listener<String>() {不做此设置会报
VolleyEror: com.android.volley.NoConnectionError: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
但是,发请求后还是报了另一个异常
volley javax.net.ssl.SSLHandshakeException: Handshake failed
继续度娘调教,发现与我类似的情况,采用Android 6.0的手机进行测试会出现。是Tomcat在SSL方面的一个问题,可以配置解决,如下:
<Connector port="443" SSLEnabled="true" sslProtocol="TLS"
。。。。。
ciphers="TLS_RSA_WITH_AES_128_CBC_SHA256,
TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_RSA_WITH_AES_256_CBC_SHA256,
TLS_RSA_WITH_AES_256_CBC_SHA,
SSL_RSA_WITH_3DES_EDE_CBC_SHA" />
如此即完全打通!
感谢两位大神!链接如下:
https://my.oschina.net/zengliubao/blog/616666
http://blog.csdn.net/shxixi/article/details/51073238