OKHttp版本:OKHttp3.6.0
准备工作:
Module的build.gradle文件中,添加依赖
dependencies {
compile 'com.squareup.okhttp3:okhttp:3.6.0'
}
实现步骤:
第一步:在Module的src ---> main下新建一个assets的文件夹,然后将证书文件放入(证书文件一般由后台人员通过jdk命令制作,然后部署在服务器上,我们需要的是后缀名为.cer的文件),如图:
第二步:提供一个构造方法,将证书解析成流以参数形式传入,如下:
private static OkHttpClient okHttpClient; /** * 获取oKHttpClient * certificates 证书信息 没有就传null * @return */ public static OkHttpClient getOkHttpClient(Application appContext,InputStream... certificates) { if (okHttpClient == null) {
File sdcache = appContext.getExternalCacheDir(); int cacheSize = 10 * 1024 * 1024; OkHttpClient.Builder builder = new OkHttpClient.Builder() .connectTimeout(20, TimeUnit.SECONDS) .writeTimeout(20, TimeUnit.SECONDS) .readTimeout(20, TimeUnit.SECONDS) .cache(new Cache(sdcache.getAbsoluteFile(), cacheSize)); if (certificates != null){ builder.sslSocketFactory(getSSLSocketFactory(certificates)); } okHttpClient = builder.build(); } return okHttpClient; }
/** * 获取SSLSocketFactory * * @param certificates 证书流文件 * @return */ private static SSLSocketFactory getSSLSocketFactory(InputStream... certificates) { try { CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(null); int index = 0; for (InputStream certificate : certificates) { String certificateAlias = Integer.toString(index++); keyStore.setCertificateEntry(certificateAlias, certificateFactory.generateCertificate(certificate)); try { if (certificate != null) certificate.close(); } catch (IOException e) { } } SSLContext sslContext = SSLContext.getInstance("TLS"); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(keyStore); sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom()); return sslContext.getSocketFactory(); } catch (Exception e) { e.printStackTrace(); } return null; }第三步:调用第二步提供的构造方法,传入第一步的证书信息,如下:xxxUtil.getOkHttpClient(context.getAssets().open("xxx.cer"));这里的xxx.cer和assets下的证书文件名要一致,否则找不到证书文件。