博客内容介绍了如何处理图片下载时遇到的链接不安全问题,通过创建自定义的TrustAllCerts类实现X509TrustManager接口,并提供创建SSLSocketFactory的方法。同时,自定义TrustAllHostnameVerifier来信任所有主机名。在使用OKHttpClient下载图片时,应用这些自定义的信任设置。如果需要下载重要数据,应考虑设置相应证书。
自定义TrustAllCerts 类实现X509TrustManager 接口,同时对外提供createSSLSocketFactory的方法,自定义TrustAllHostnameVerifier 类实现HostnameVerifier ,在重写的方法verify(String hostname, SSLSession session) return true;
在下载的方法中使用如下:
OkHttpClient.Builder mBuilder = new OkHttpClient.Builder();
mBuilder.sslSocketFactory(TrustAllCerts.createSSLSocketFactory());
mBuilder.hostnameVerifier(new TrustAllCerts.TrustAllHostnameVerifier());
图片下载用的是OKHttpClient,图片下载完全信任,如果是针对其他文件或者重要数据的下载需设置相应的证书,具体可参考以下链接:
https://blog.youkuaiyun.com/shenyongjun1209/article/details/52780898/
public class TrustAllCerts implements X509TrustManager {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {}
@Override
public X509Certificate[] getAcceptedIssuers() {return new X509Certificate[0];}
public static SSLSocketFactory createSSLSocketFactory() {
SSLSocketFactory ssfFactory = null;
try {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, new TrustManager[] { new TrustAllCerts() }, new SecureRandom());
ssfFactory = sc.getSocketFactory();
} catch (Exception e) {
}
return ssfFactory;
}
public static class TrustAllHostnameVerifier implements HostnameVerifier {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
}
}
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
