既然Android上已弃用SSLSocketFactory，那么处理客户端证书身份验证的最佳方法是什么? [英] Now that SSLSocketFactory is deprecated on Android, what would be the best way to handle Client Certificate Authentication?

问题描述

我正在一个需要客户端证书身份验证(带有PKCS 12文件)的Android应用程序上工作. 在弃用所有apache.http.*之后，我们在网络层上开始了一项相当大的重构工作，并且我们决定使用OkHttp作为替代，到目前为止，我非常喜欢.

I am working on an Android app that requires Client Certificate Authentication (with PKCS 12 files). Following the deprecation of all that's apache.http.*, we have started a pretty big work of refactoring on our network layer, and we have decided to go with OkHttp as a replacement, and so far I like that very much.

但是，我没有找到其他方法来使用OkHttp或其他任何方法来处理不使用SSLSocketFactory的客户端证书auth.那么，在这种情况下，最佳的解决方案是什么? OkHttp是否有另一种方式来处理这种身份验证?

However, I haven't found any other way to handle client certificate auth without using SSLSocketFactory, with OkHttp or anything else for that matter. So what would be the best course of action in this particular case? Is there another way with OkHttp to handle this sort of authentication?

推荐答案

显然，有两个SSLSocketFactory类. HttpClient有它自己的一个，与其他HttpClient一起已弃用.但是，其他所有人都将使用更传统的javax.net.ssl版本的SSLSocketFactory ，但不建议使用(感谢$DEITY).

Apparently, there are two SSLSocketFactory classes. HttpClient has its own one, and that is deprecated along with the rest of HttpClient. However, everybody else will be using the more conventional javax.net.ssl edition of SSLSocketFactory, which is not deprecated (thank $DEITY).

这篇关于既然Android上已弃用SSLSocketFactory，那么处理客户端证书身份验证的最佳方法是什么?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！