HTTPS是以安全为目标的
HTTP
通道,简单讲是HTTP的安全版。
https
和
http
的区别:
一、https协议需要到ca申请证书,一般免费证书很少,需要交费。
二、http是超文本传输协议,信息是明文传输,https 则是具有安全性的ssl加密传输协议。
三、http和https使用的是完全不同的连接方式,用的端口也不一样,前者是80,后者是443。四、http的连接很简单,是无状态的;HTTPS协议是由SSL+HTTP协议构建的可进行加密传输、身份认证的网络协议,比http协议安全。
public class MySslSocketFactory extends SSLSocketFactory {
private static MySslSocketFactory instance;
private final SSLContext sslContext = SSLContext.getInstance("TLS");
public SSLContext getSslContext() {
return sslContext;
}
public static MySslSocketFactory getSSLSocketFactory() throws IOException {
if (instance == null) {
try {
KeyStore trustStore = KeyStore.getInstance(KeyStore
.getDefaultType());
trustStore.load(null, null);
instance = new MySslSocketFactory(trustStore);
instance.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
} catch (CertificateException e) {
throw new IOException("Couldnt set up SSL properly", e);
} catch (KeyStoreException e) {
throw new IOException("Couldnt set up SSL properly", e);
} catch (NoSuchAlgorithmException e) {
throw new IOException("Couldnt set up SSL properly", e);
} catch (KeyManagementException e) {
throw new IOException("Couldnt set up SSL properly", e);
} catch (UnrecoverableKeyException e) {
throw new IOException("Couldnt set up SSL properly", e);
}
}
return instance;
}
private MySslSocketFactory(KeyStore truststore)
throws NoSuchAlgorithmException, KeyManagementException,
KeyStoreException, UnrecoverableKeyException {
super(truststore);
TrustManager tm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
// accept
}
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
// accept
}
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
sslContext.init(null, new TrustManager[] { tm }, null);
}
public Socket createSocket(Socket socket, String host, int port,
boolean autoClose) throws IOException, UnknownHostException {
return sslContext.getSocketFactory().createSocket(socket, host, port,
autoClose);
}
public Socket createSocket() throws IOException {
return sslContext.getSocketFactory().createSocket();
}
}
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(new Scheme("http", PlainSocketFactory
.getSocketFactory(), HTTP_PORT ));
schemeRegistry.register(new Scheme("https", MySslSocketFactory
.getSSLSocketFactory(), HTTPS_PORT ));
HttpParams params = new BasicHttpParams();
ClientConnectionManager connManager = new ThreadSafeClientConnManager(
params, schemeRegistry);
HttpClient mHttpClient = new DefaultHttpClient(connManager, params);
HttpParams http_params = mHttpClient.getParams();
http_params.setParameter(CoreProtocolPNames.PROTOCOL_VERSION,
HttpVersion.HTTP_1_1);
HttpConnectionParams.setConnectionTimeout(http_params,
CONNECTION_TIMEOUT);
HttpConnectionParams.setSoTimeout(http_params, CONNECTION_TIMEOUT);
private HttpURLConnection getHttpsConnection(URL mUrl) throws IOException {
HttpsURLConnection conn = (HttpsURLConnection) mUrl.openConnection();
conn.setHostnameVerifier(new IgnoreHostnameVerifier());
conn.setSSLSocketFactory(MySslSocketFactory.getSSLSocketFactory()
.getSslContext().getSocketFactory());
return conn;
}
public class IgnoreHostnameVerifier implements HostnameVerifier {
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
}
WebViewClient:
public void onReceivedSslError(WebView view, SslErrorHandler handler,
SslError error) {
// super.onReceivedSslError(view, handler, error);
handler.proceed();
}