本文详细介绍了在Android 2.1环境下通过修改SSL配置实现HTTPS请求无证书访问的步骤,包括信任所有主机、自定义SSLSocketFactory和TrustManager等关键操作。
在网上看了,httpchlent的资料,httpchlent4.1可以实现对ssl的无证书访问。
实现代码为:
SSLContext sslcontext = SSLContext.getInstance("TLS");
sslcontext.init(null, new TrustManager[] { easyTrustManager }, null);
SSLSocketFactory sf = new SSLSocketFactory(sslcontext);
Scheme sch = new Scheme("https", sf, 8443);
httpclient.getConnectionManager().getSchemeRegistry().register(sch);
但在android2.1中,SSLSocketFactory类中没有下面这个构造函数
SSLSocketFactory sf = new SSLSocketFactory(sslcontext);
客户端不想存放安全证书,请问在android2.1如何实现对ssl的无证书访问?
解决方法如下:
public String connentUrl(String strUrl) {
StringBuffer sbResult = null;
try {
HttpURLConnection http = null;
URL url = new URL(strUrl);
// 判断是http请求还是https请求
if (url.getProtocol().toLowerCase().equals("https")) {
trustAllHosts();
HttpsURLConnection https = (HttpsURLConnection) url.openConnection();
https.setHostnameVerifier(DO_NOT_VERIFY);
http = https;
} else {
http = (HttpURLConnection) url.openConnection();
}
http.setDoInput(true);
// 设置超时时间
http.setConnectTimeout(10000);
// 设置请求类型为post
http.setRequestMethod("POST");
// 设置接收类型
http.setRequestProperty("accept", "*
private static void trustAllHosts() {
// Create a trust manager that does not validate certificate chains
// Android 采用X509的证书信息机制
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[] {};
}
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}
public void checkServerTrusted(X509Certificate[] chain,String authType) throws CertificateException {}
}
};
// Install the all-trusting trust manager
try {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
e.printStackTrace();
}
}
实现代码为:
SSLContext sslcontext = SSLContext.getInstance("TLS");
sslcontext.init(null, new TrustManager[] { easyTrustManager }, null);
SSLSocketFactory sf = new SSLSocketFactory(sslcontext);
Scheme sch = new Scheme("https", sf, 8443);
httpclient.getConnectionManager().getSchemeRegistry().register(sch);
但在android2.1中,SSLSocketFactory类中没有下面这个构造函数
SSLSocketFactory sf = new SSLSocketFactory(sslcontext);
客户端不想存放安全证书,请问在android2.1如何实现对ssl的无证书访问?
解决方法如下:
public String connentUrl(String strUrl) {
StringBuffer sbResult = null;
try {
HttpURLConnection http = null;
URL url = new URL(strUrl);
// 判断是http请求还是https请求
if (url.getProtocol().toLowerCase().equals("https")) {
trustAllHosts();
HttpsURLConnection https = (HttpsURLConnection) url.openConnection();
https.setHostnameVerifier(DO_NOT_VERIFY);
http = https;
} else {
http = (HttpURLConnection) url.openConnection();
}
http.setDoInput(true);
// 设置超时时间
http.setConnectTimeout(10000);
// 设置请求类型为post
http.setRequestMethod("POST");
// 设置接收类型
http.setRequestProperty("accept", "*
private static void trustAllHosts() {
// Create a trust manager that does not validate certificate chains
// Android 采用X509的证书信息机制
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[] {};
}
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}
public void checkServerTrusted(X509Certificate[] chain,String authType) throws CertificateException {}
}
};
// Install the all-trusting trust manager
try {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception e) {
e.printStackTrace();
}
}
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
