带 HTTPS 的 KSOAP 2 Android [英] KSOAP 2 Android with HTTPS
问题描述
我在 Android 中使用 KSOAP2 来管理 SOAP,但它使用 https 作为 SOAP url 并且我收到此错误:javax.net.ssl.SSLException:不受信任的服务器证书
正常错误,因为证书不受信任,但有人知道如何解决此错误吗?我无法管理证书,因为它来自其他公司,我无权更改它.
I am using KSOAP2 to manage SOAP in Android but it use https for the SOAP url and I am getting this error: javax.net.ssl.SSLException: Not trusted server certificate
A normal error because the certificate is untrusted, but anyone knows how to workaround with this error?
I can not manage the certificate because is from a other company and I don't have access to change it.
谢谢
推荐答案
我还不能发表评论,所以我将我的评论发布到 rallat answer 此处.他的解决方案有效,但需要进一步解释.使用 ssl 运行 ksoap2:
I can't comment yet so i post my comments to rallat answer here. His solution works but it needs further explanations. To run ksoap2 with ssl:
- 将
ksoap2-android-assembly-2.5.2-jar-with-dependencies.jar
放入项目 - 从 https://github.com/mosabua/ksoap2-android/tree/ 下载 ksoap2 源(ksoap2 存储库)
- 复制
HttpTransportSE.java
、ServiceConnectionSE.java
(我还需要复制Transport.java
、ServiceConnection.java
code> 和HeaderProperty.java
).从这些文件中删除导入并确保它们使用您的文件(而不是从ksoap2.jar
导入) 使用 rallat 答案(我复制粘贴的):
- Put
ksoap2-android-assembly-2.5.2-jar-with-dependencies.jar
in a project - Download ksoap2 sources from https://github.com/mosabua/ksoap2-android/tree/ (ksoap2 repository)
- Copy
HttpTransportSE.java
,ServiceConnectionSE.java
(I also needed to copyTransport.java
,ServiceConnection.java
andHeaderProperty.java
). Delete imports from those files and make sure that they use your files (not imports fromksoap2.jar
) Use rallat answer ( I copy-pasted it):
ServiceConnectionSE.java
添加这个以接受不受信任的证书:
ServiceConnectionSE.java
add this for accept untrusted certificate:
private TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
}
};
然后使用这个构造函数来允许不受信任的证书,而不是验证主机名:
then use this constructors to allow untrusted certificates and not verified hostnames:
public ServiceConnectionSE(String url) throws IOException {
try {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
e.getMessage();
}
connection = (HttpsURLConnection) new URL(url).openConnection();
((HttpsURLConnection) connection).setHostnameVerifier(new AllowAllHostnameVerifier());
}
第二个构造函数
Second contructor
public ServiceConnectionSE(Proxy proxy, String url) throws IOException {
try {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
e.getMessage();
}
connection = (HttpsURLConnection) new URL(url).openConnection();
((HttpsURLConnection) connection).setHostnameVerifier(new AllowAllHostnameVerifier());
connection.setUseCaches(false);
connection.setDoOutput(true);
connection.setDoInput(true);
}
在你的代码中使用:
HttpTransportSE aht = new HttpTransportSE(URL);
aht.call(SOAP_ACTION, envelope);
教程中的其他内容
这篇关于带 HTTPS 的 KSOAP 2 Android的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!