带 HTTPS 的 KSOAP 2 Android [英] KSOAP 2 Android with HTTPS

问题描述

我在 Android 中使用 KSOAP2 来管理 SOAP，但它使用 https 作为 SOAP url 并且我收到此错误:javax.net.ssl.SSLException:不受信任的服务器证书
正常错误，因为证书不受信任，但有人知道如何解决此错误吗?我无法管理证书，因为它来自其他公司，我无权更改它.

I am using KSOAP2 to manage SOAP in Android but it use https for the SOAP url and I am getting this error: javax.net.ssl.SSLException: Not trusted server certificate
A normal error because the certificate is untrusted, but anyone knows how to workaround with this error? I can not manage the certificate because is from a other company and I don't have access to change it.

谢谢

推荐答案

我还不能发表评论，所以我将我的评论发布到 rallat answer 此处.他的解决方案有效，但需要进一步解释.使用 ssl 运行 ksoap2:

I can't comment yet so i post my comments to rallat answer here. His solution works but it needs further explanations. To run ksoap2 with ssl:

1. 将 ksoap2-android-assembly-2.5.2-jar-with-dependencies.jar 放入项目
2. 从 https://github.com/mosabua/ksoap2-android/tree/ 下载 ksoap2 源(ksoap2 存储库)
3. 复制HttpTransportSE.java、ServiceConnectionSE.java(我还需要复制Transport.java、ServiceConnection.javacode> 和 HeaderProperty.java).从这些文件中删除导入并确保它们使用您的文件(而不是从 ksoap2.jar 导入)

4. 使用 rallat 答案(我复制粘贴的):

1. Put ksoap2-android-assembly-2.5.2-jar-with-dependencies.jar in a project
2. Download ksoap2 sources from https://github.com/mosabua/ksoap2-android/tree/ (ksoap2 repository)
3. Copy HttpTransportSE.java, ServiceConnectionSE.java (I also needed to copy Transport.java, ServiceConnection.java and HeaderProperty.java). Delete imports from those files and make sure that they use your files (not imports from ksoap2.jar)

4. Use rallat answer ( I copy-pasted it):

• ServiceConnectionSE.java 添加这个以接受不受信任的证书:

• ServiceConnectionSE.java add this for accept untrusted certificate:

private TrustManager[] trustAllCerts = new TrustManager[] {
    new X509TrustManager() {
        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            return null;
        }
        public void checkClientTrusted(
            java.security.cert.X509Certificate[] certs, String authType) {
        }
        public void checkServerTrusted(
            java.security.cert.X509Certificate[] certs, String authType) {
        }
    }
};

然后使用这个构造函数来允许不受信任的证书，而不是验证主机名:

then use this constructors to allow untrusted certificates and not verified hostnames:

public ServiceConnectionSE(String url) throws IOException {
    try {
        SSLContext sc = SSLContext.getInstance("TLS");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
    } catch (Exception e) {
        e.getMessage();
    }
    connection = (HttpsURLConnection) new URL(url).openConnection();
    ((HttpsURLConnection) connection).setHostnameVerifier(new AllowAllHostnameVerifier());
}    

第二个构造函数

Second contructor

public ServiceConnectionSE(Proxy proxy, String url) throws IOException {
    try {
        SSLContext sc = SSLContext.getInstance("TLS");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
     } catch (Exception e) {
        e.getMessage();
     }
     connection = (HttpsURLConnection) new URL(url).openConnection();
    ((HttpsURLConnection) connection).setHostnameVerifier(new AllowAllHostnameVerifier());

    connection.setUseCaches(false);
    connection.setDoOutput(true);
    connection.setDoInput(true);
}

在你的代码中使用:

HttpTransportSE aht = new HttpTransportSE(URL);    
aht.call(SOAP_ACTION, envelope);

教程中的其他内容

这篇关于带 HTTPS 的 KSOAP 2 Android的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！