安卓：忽略自签名证书的错误;实际执行？ [英] Android: Ignoring Self-Signed Cert Errors; Actual Implementation?

问题描述

像许多在这里，我想有一个网站，有一个自签名的证书进行通信。有很多很多的类和code片段，展示了如何做到这一点，例如： <一href="http://stackoverflow.com/questions/3761737/https-get-ssl-with-android-and-self-signed-server-certificate">HTTPS GET（SSL）与Android和自签署的服务器证书，但我找不到任何说明如何实际使用的类。我已经尝试了很多，我敢肯定，我只是失去了一些东西简单。

Like so many here, I'm trying to communicate with a site that has a self-signed cert. There are many many classes and code snippets showing how to do this, e.g. HTTPS GET (SSL) with Android and self-signed server certificate, but I can't find any that show how to actually use the classes. I've experimented a great deal, and I'm sure I'm just missing something simple.

要具体，我想使用的青苔提供的课程;得票最多的答案。我还总是得到不被信任的证书的消息。另外一个人的话题也要求实施的提示，但一直没有得到答复。感谢您的帮助。

To be specific, I am trying to use the classes supplied by "Moss"; the answer with the most votes. I still always get the "Not trusted cert" message. One other person in that topic has also asked for implementation hints, but has not been answered. Thanks for any help.

如果我能追加这个问题的话题，我会更加快乐，但我猜新手像我这样的只能张贴新的问题（虽然我已经一年多了，所以一个风扇）。

If I could append this question to that topic, I'd be much happier, but I guess newbies like me can only post new questions (although I've been a fan of SO for over a year).

推荐答案

我们使用一个类似的SocketFactory 和 X509TrustManager 落实在我们的一些项目。为了绑定这些类到你的实现，你基本上应该做的是勾起来的的HttpClient （假设你使用的是什么那是），用于客户端-server通信。

We use a similar SocketFactory and X509TrustManager implementation in some of our projects. In order to bind these classes up to your implementation, all you basically should have to do is hook them up to the HttpClient (assuming that's what you're using) used for client-server communication.

我们通常有一个方法来创建一个的HttpClient 具有上述工厂的TrustManager。它看起来有点像这一点，是松散的基础在内部注释显示的链接。

We normally have a method to create an HttpClient with the mentioned factory and trustmanager. It looks somewhat like this and is loosely based on the link shown in the inline comments.

protected HttpClient constructClient() {
    HttpParams params = new BasicHttpParams();
    params.setParameter(CoreProtocolPNames.PROTOCOL_VERSION, HttpVersion.HTTP_1_1);

    // use the debug proxy to view internet traffic on the host computer
    if (ABCApplication.isDebuggingProxy()) params.setParameter(ConnRoutePNames.DEFAULT_PROXY, new HttpHost(ABCConstants.DEBUG_PROXY_HOST, ABCConstants.DEBUG_PROXY_PORT, "http"));

    // ignore ssl certification (due to signed authority not appearing on android list of permitted authorities)
    // see: http://blog.antoine.li/2010/10/22/android-trusting-ssl-certificates/
    SchemeRegistry registry = new SchemeRegistry();
    registry.register(new Scheme("http", new PlainSocketFactory(), 80));
    registry.register(new Scheme("https", new FakeSocketFactory(), 443)); 
    ClientConnectionManager cm = new SingleClientConnManager(params, registry);

    return new DefaultHttpClient(cm, params);
}

希望能与贵公司实施​​帮助。

Hope that helps with your implementation.

这篇关于安卓：忽略自签名证书的错误;实际执行？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！