public OkHttpClient getClient() {
OkHttpClient.Builder builder = new OkHttpClient()
.newBuilder()
.connectTimeout(mConnectionTimeOut, TimeUnit.SECONDS)
.writeTimeout(mWriteTimeOut, TimeUnit.SECONDS)
.readTimeout(mReadTimeOut, TimeUnit.SECONDS)
.retryOnConnectionFailure(isRetryOnConnectionFailure)
.hostnameVerifier(SSLSocketClientP12.getHostnameVerifier())//配置
.sslSocketFactory(SSLSocketClientP12.getSSLSocketFactory(), SSLSocketClientP12.getX509TrustManager());
if (mInterceptors != null && mInterceptors.length > 0) {
OkHttpClient.Builder interceptorBuilder = addInterceptors(builder);
return interceptorBuilder.build();
} else {
return builder.build();
}
}
/**
* 添加p12证书
*/
public class SSLSocketClientP12 {
private static final String KEY_STORE_TYPE_P12 = "PKCS12";//证书类型
private static final String KEY_STORE_PASSWORD = "123456";//证书密码(应该是客户端证书密码,没有密码的直接改为空字符串)
//获取这个SSLSocketFactory
public static SSLSocketFactory getSSLSocketFactory() {
SSLSocketFactory factory = null;
try {
InputStream cerInputStream = AppUtil.getApp().getResources().getAssets().open("client.p12");
SSLContext sslContext = SSLContext.getInstance("TLS");
KeyStore keyStore = KeyStore.getInstance(KEY_STORE_TYPE_P12);
keyStore.load(cerInputStream, KEY_STORE_PASSWORD.toCharArray());
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, KEY_STORE_PASSWORD.toCharArray());
sslContext.init(keyManagerFactory.getKeyManagers(), getTrustManager(), new SecureRandom());
factory = sslContext.getSocketFactory();
} catch (Exception e) {
e.printStackTrace();
}
return factory;
}
//获取TrustManager
private static TrustManager[] getTrustManager() {
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[]{};
}
}
};
return trustAllCerts;
}
//获取HostnameVerifier
public static HostnameVerifier getHostnameVerifier() {
HostnameVerifier hostnameVerifier = (s, sslSession) -> true;
return hostnameVerifier;
}
public static X509TrustManager getX509TrustManager() {
X509TrustManager x509TrustManager = new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
};
return x509TrustManager;
}
}