okhttp使用https忽略证书验证
由于项目安全性的要求,我们的接口是https协议,而前端网络框架使用的是okhttp。就基于okhttp的网络框架说一下忽略证书的方法
X509TrustManager trustManager;
SSLSocketFactory sslSocketFactory=null;
trustManager = new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
};
try {
SSLContext sslContext;
sslContext = SSLContext.getInstance("SSL");
sslContext.init(null,new X509TrustManager[]{trustManager},null);
sslSocketFactory = sslContext.getSocketFactory();
} catch (GeneralSecurityException e) {
throw new RuntimeException(e);
}
HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
然后就是设置okhttp的两个属性
okHttpClient.setHostnameVerifier(DO_NOT_VERIFY);
okHttpClient.setSslSocketFactory(sslSocketFactory);