1.在使用Glide前调用
Glide.get(this).getRegistry().replace(GlideUrl.class, InputStream.class, new OkHttpUrlLoader.Factory(getNoCheckOkHttpClient()));
2.getNoCheckOkHttpClient方法如下
public static OkHttpClient getNoCheckOkHttpClient() {
SSLSocketFactory ssl = getNoCheckSSLSocketFactory();
X509TrustManager trustManager = getTrustManager();
return new OkHttpClient.Builder()
.connectTimeout(TimeUnit.SECONDS.toMillis(30), TimeUnit.SECONDS)
.readTimeout(TimeUnit.SECONDS.toMillis(30), TimeUnit.SECONDS)
.writeTimeout(TimeUnit.SECONDS.toMillis(30), TimeUnit.SECONDS)
.sslSocketFactory(ssl, trustManager)
.hostnameVerifier((hostname, session) -> true)
.retryOnConnectionFailure(true)
.build();
}
public static SSLSocketFactory getNoCheckSSLSocketFactory() {
try {
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, new TrustManager[] {getTrustManager()}, new SecureRandom());
return sslContext.getSocketFactory();
} catch (Exception e) {
throw new RuntimeException(e);
}
}
/**
* 获得信任管理器TrustManager,不做任何校验
*
* @return X509TrustManager
*/
public static X509TrustManager getTrustManager() {
return new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] serverX509Certificates, String s) {}
/**
* 只支持正序或者逆序存放的证书链,如果证书链顺序打乱的将不支持 我们以下认定x509Certificates数组里从0-end如果是设备证书到ca root证书是正序的
* 反之是倒序的
*/
@Override
public void checkServerTrusted(X509Certificate[] x509Certificates, String s) {}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
};
}