服务器端的https的配置请查看我的上一篇的博客:https://blog.csdn.net/qq_21229739/article/details/97658707
1.Xutils3支持的https请求:
public class HttpsUtil {
/**
* 获取双向认证的SSLSocketFactory
*
* @param needTrustServerCers 需要信任的所有服务器端公钥cer文件
* @param clientBks 客户端bks密钥库
* @param clientBksPassword 客户端bks密钥库的密码
* @return 双向认证的SSLSocketFactory
*/
public static SSLSocketFactory getSslSocketFactory(InputStream[] needTrustServerCers, InputStream clientBks,
String clientBksPassword) {
try {
// 信任服务器端公钥管理器列表
TrustManager[] trustManagers = prepareTrustManager(needTrustServerCers);
Log.i("aa","trustManagers:"+trustManagers.length);
// 当前客户端bks密钥库的所有证书管理器
KeyManager[] keyManagers = prepareKeyManager(clientBks, clientBksPassword);
// SSLContext
SSLContext sslContext = SSLContext.getInstance("TLS");
// 初始化
sslContext.init(keyManagers, new TrustManager[]{new DefaultTrustManager(chooseX509TrustManager
(trustManagers))}, new SecureRandom());
// 得到SSLSocketFactory
SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
return sslSocketFactory;
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
} catch (KeyStoreException e) {
e.printStackTrace();
}
return null;
}
/**
* 获取单向认证的SSLSocketFactory
*
* @param needTrustServerCers 需要信任的所有服务器端公钥cer文件
* @return 单向认证的SSLSocketFactory
*/
public static SSLSocketFactory getSslSocketFactory(InputStream[] needTrustServerCers) {
return getSslSocketFactory(needTrustServerCers, null, null);
}
private static TrustManager[] prepareTrustManager(InputStream[] needTrustServerCers) {
if (needTrustServerCers == null || needTrustServerCers.length <= 0) {
return null;
}
try {
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null);
int index = 0;
for (InputStream certificate : needTrustServerCers) {
String certificateAlias = Integer.toString(index++);
keyStore.setCertificateEntry(certificateAlias, certificateFactory.generateCertificate(certificate));
try {
if (certificate != null) {
certificate.close();
}
} catch (IOException e) {
e.printStackTrace();
}
}
TrustManagerFactory trustManagerFactory = null;
trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
return trustManagers;
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (CertificateException e) {
e.printStackTrace();
} catch (KeyStoreException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
private static KeyManager[] prepareKeyManager(InputStream bksFile, String password) {
if (bksFile == null || password == null) {
return null;
}
try {
KeyStore keyStore = KeyStore.getInstance("BKS");
keyStore.load(bksFile, password.toCharArray());
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm
());
keyManagerFactory.init(keyStore, password.toCharArray());
return keyManagerFactory.getKeyManagers();
} catch (KeyStoreException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (UnrecoverableKeyException e) {
e.printStackTrace();
} catch (CertificateException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
private static X509TrustManager chooseX509TrustManager(TrustManager[] trustManagers) {
for (TrustManager trustManager : trustManagers) {
if (trustManager instanceof X509TrustManager) {
Log.i("aa","找到了"+((X509TrustManager) trustManager).getAcceptedIssuers());
return (X509TrustManager) trustManager;
}
}
return null;
}
private static class DefaultTrustManager implements X509TrustManager {
private X509TrustManager allX509TrustManager;
private X509TrustManager localTrustManager;
public DefaultTrustManager(X509TrustManager localTrustManager) throws NoSuchAlgorithmException,
KeyStoreException {
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory
.getDefaultAlgorithm());
trustManagerFactory.init((KeyStore) null);
allX509TrustManager = chooseX509TrustManager(trustManagerFactory.getTrustManagers());
this.localTrustManager = localTrustManager;
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
try {
allX509TrustManager.checkServerTrusted(chain, authType);
} catch (CertificateException e) {
e.printStackTrace();
try {
localTrustManager.checkServerTrusted(chain, authType);
} catch (CertificateException e1) {
e1.printStackTrace();
}
}
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
}
客户端与服务器验证证书成功的情况,与验证证书失败的情况。
使用Fidders 截取http请求数据包的情况:
使用Fidders 截取https请求数据包的情况:(根本截取不到)
使用Sniffer嗅探器截取http数据包请求
使用Sniffer嗅探器截取https数据包的请求: