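In Android development you can connect to an HTTPS address using a key, but when you have no key, the following approach trusts any host when connecting to an HTTPS address. In both variants below the trust manager's check methods are empty, so every server certificate chain is accepted without validation.

1. HttpsURLConnection: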

    import java.security.SecureRandom;
    import java.security.cert.CertificateException;
    import java.security.cert.X509Certificate;
    import javax.net.ssl.HostnameVerifier;
    import javax.net.ssl.HttpsURLConnection;
    import javax.net.ssl.SSLContext;
    import javax.net.ssl.SSLSession;
    import javax.net.ssl.X509TrustManager;

    private void trustEveryone() {
        try {
            // Accept every hostname, whatever name the certificate carries.
            HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
                public boolean verify(String hostname, SSLSession session) {
                    return true;
                }
            });
            SSLContext context = SSLContext.getInstance("TLS");
            // Empty check methods: no certificate chain is ever rejected.
            context.init(null, new X509TrustManager[] { new X509TrustManager() {
                public void checkClientTrusted(X509Certificate[] chain,
                        String authType) throws CertificateException {}
                public void checkServerTrusted(X509Certificate[] chain,
                        String authType) throws CertificateException {}
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            } }, new SecureRandom());
            // Installed as the process-wide default, so it applies to every
            // HttpsURLConnection created afterwards.
            HttpsURLConnection.setDefaultSSLSocketFactory(
                    context.getSocketFactory());
        } catch (Exception e) { // should never happen
            e.printStackTrace();
        }
    }

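For the other case mentioned at the top, where the app does have the server's certificate, the same HttpsURLConnection can be set up to trust only that certificate. This is an added example, not code from the original post; the class name `PinnedCaExample`, the keystore alias `server-ca` and the two command-line arguments are assumptions.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

public class PinnedCaExample {  // hypothetical class name

    // Builds a socket factory whose only trust anchor is the certificate read
    // from caInput (PEM or DER), e.g. the server's self-signed certificate.
    static SSLSocketFactory socketFactoryFor(InputStream caInput) throws Exception {
        Certificate ca = CertificateFactory.getInstance("X.509")
                .generateCertificate(caInput);

        // In-memory keystore holding just that one certificate.
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(null, null);
        trustStore.setCertificateEntry("server-ca", ca);

        // Standard trust manager: validates the chain against trustStore only.
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(
                TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);

        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, tmf.getTrustManagers(), null);
        return context.getSocketFactory();
    }

    // args[0]: path to the certificate file, args[1]: https URL (caller-supplied).
    public static void main(String[] args) throws Exception {
        SSLSocketFactory factory;
        try (InputStream in = new FileInputStream(args[0])) {
            factory = socketFactoryFor(in);
        }
        // Applied to this connection only; the process-wide defaults and the
        // default hostname verifier are left untouched.
        HttpsURLConnection conn =
                (HttpsURLConnection) new URL(args[1]).openConnection();
        conn.setSSLSocketFactory(factory);
        System.out.println("HTTP " + conn.getResponseCode());
        conn.disconnect();
    }
}
```

A server whose chain does not lead to the supplied certificate makes `getResponseCode()` throw `SSLHandshakeException` instead of connecting.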
2. DefaultHttpClient

Android's SSLSocketFactory (the Apache HttpClient class org.apache.http.conn.ssl.SSLSocketFactory) has a constructor like this:

    /**
     * Constructs an HttpClient SSLSocketFactory backed by the given JSSE
     * SSLSocketFactory.
     *
     * @hide
     */
    public SSLSocketFactory(javax.net.ssl.SSLSocketFactory socketfactory) {
        super();
        this.sslcontext = null;
        this.socketfactory = socketfactory;
        this.nameResolver = null;
    }

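However, it is marked @hide. So I copied the SSLSocketFactory source, exposed this constructor, and named the class MySSLSocketFactory. A MySSLSocketFactory can then be constructed as follows: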

    // Uses the same java.security and javax.net.ssl imports as trustEveryone(),
    // plus org.apache.http.conn.ssl.SSLSocketFactory for the verifier constant.
    private MySSLSocketFactory newSslSocketFactory() {
        try {
            SSLContext context = SSLContext.getInstance("TLS");
            // Empty check methods: no certificate chain is ever rejected.
            context.init(null, new X509TrustManager[] { new X509TrustManager() {
                public void checkClientTrusted(X509Certificate[] chain,
                        String authType) throws CertificateException {
                }
                public void checkServerTrusted(X509Certificate[] chain,
                        String authType) throws CertificateException {
                }
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            } }, new SecureRandom());
            // Pass the trust-all context's JSSE socket factory to
            // MySSLSocketFactory. No keystore is involved, so the server
            // certificate chain is not verified.
            MySSLSocketFactory sf = new MySSLSocketFactory(
                    context.getSocketFactory());
            // Hostname verification from certificate: the name is still
            // compared against the (unvalidated) certificate.
            // http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506
            sf.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);
            return sf;
        } catch (Exception e) {
            throw new AssertionError(e);
        }
    }

This also solves the problem of connecting to HTTPS with DefaultHttpClient on Android.