Android:发出 Https 请求 [英] Android: Making Https Request

问题描述

如何在发出 Https 请求时避免javax.net.ssl.SSLPeerUnverifiedException: peer not authenticationd"异常和 Android Apache lib 差距The constructor SSLSocketFactory(SSLContext) is undefined"?

How do I avoid the "javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated" exception and the Android Apache lib gap "The constructor SSLSocketFactory(SSLContext) is undefined" in making an Https request?

推荐答案

该方法接受一个 HttpClient 实例并返回一个准备好的 https HttpClient 实例.

This method takes an HttpClient instance and returns a ready-for-https HttpClient instance.

 private HttpClient sslClient(HttpClient client) {
    try {
        X509TrustManager tm = new X509TrustManager() { 
            public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {
            }

            public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {
            }

            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[]{tm}, null);
        SSLSocketFactory ssf = new MySSLSocketFactory(ctx);
        ssf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        ClientConnectionManager ccm = client.getConnectionManager();
        SchemeRegistry sr = ccm.getSchemeRegistry();
        sr.register(new Scheme("https", ssf, 443));
        return new DefaultHttpClient(ccm, client.getParams());
    } catch (Exception ex) {
        return null;
    }
}

由于Android org.apache.http.conn.ssl.SSLSocketFactory 没有SSLSocketFactory(SSLContext) 构造函数，我对类进行了如下扩展.

Because the Android org.apache.http.conn.ssl.SSLSocketFactory does not have the SSLSocketFactory(SSLContext) constructor, I have extended the class as follows.

 public class MySSLSocketFactory extends SSLSocketFactory {
     SSLContext sslContext = SSLContext.getInstance("TLS");

     public MySSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
         super(truststore);

         TrustManager tm = new X509TrustManager() {
             public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
             }

             public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
             }

             public X509Certificate[] getAcceptedIssuers() {
                 return null;
             }
         };

         sslContext.init(null, new TrustManager[] { tm }, null);
     }

     public MySSLSocketFactory(SSLContext context) throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException {
        super(null);
        sslContext = context;
     }

     @Override
     public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException {
         return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose);
     }

     @Override
     public Socket createSocket() throws IOException {
         return sslContext.getSocketFactory().createSocket();
     }
}

这里的优秀文章:http://javaskeleton.blogspot.com/2010/07/avoiding-peer-not-authenticated-with.html

这里有一些帮助:通过 HTTPS 信任使用 HttpClient 的所有证书

这篇关于Android:发出 Https 请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！