1.pfx转cer
openssl pkcs12 -nodes -nokeys -in xxx.pfx -passin pass:证书密码 -out xxx.cer
2.下载bouncycastle的jar包
wget http://repo2.maven.org/maven2/org/bouncycastle/bcprov-jdk16/1.46/bcprov-jdk16-1.46.jar
3.cer转bks
keytool -importcert -v -trustcacerts -file xxx.cer -alias xxx -keystore xxx.bks -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath bcprov-jdk16-1.46.jar -storetype BKS -storepass xxx
4.拷贝bks文件到res/raw文件夹下
5.生成SSLSocketFactory和X509TrustManager
fun build(context: Context): ETCASSL? {
var socketFactory: SSLSocketFactory? = null
var x509TrustManager: X509TrustManager? = null
try {
//取得SSL的SSLContext实例
val sslContext = SSLContext.getInstance("TLSv1", "AndroidOpenSSL")
//取得TrustManagerFactory的X509密钥管理器实例
val trustManager = TrustManagerFactory.getInsta