单向认证证书配置相对简单,服务端证书server.cer放在assets目录下,请求配置如下:
截取部分代码
public static synchronized String requestByPost(String urlpath,
String requestData) throws IOException {
AssetManager am = CommonDataApplication.getInstance().getApplicationContext().getAssets();
SSLContext context = null;
try {
InputStream ins = am.open("server.cer");
CertificateFactory cerFactory = CertificateFactory.getInstance("X.509");
Certificate cer;
try {
cer = cerFactory.generateCertificate(ins);
} finally {
ins.close();
}
// Create a KeyStore containing our trusted CAs
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
keyStore.setCertificateEntry("ca", cer);
// Create a TrustManager that trusts the CAs in our KeyStore
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
// Create an SSLContext that uses our TrustManager
context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
} catch (Exception e) {
e.printStackTrace();
}
URL url = new URL(urlpath);
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setSSLSocketFactory(context.getSocketFactory());
conn.setDoInput(true);
conn.setConnectTimeout(TIMEOUT);