自制https证书
需要验证.
okhttp不验证直接通过通过所有的https连接
代码如下
- public void getONetWorkString() {
- OkHttpClient build = new OkHttpClient.Builder()
- .sslSocketFactory(createSSLSocketFactory())
- .hostnameVerifier(new TrustAllHostnameVerifier())
- .build();
- String url = "https://www.12306.cn/mormhweb/";//带https的网址
- final Request request = new Request.Builder().url(url).build();
- Call call = build.newCall(request);
- call.enqueue(new Callback() {
- @Override
- public void onFailure(Call call, IOException e) {
- Log.i("joker", e.getMessage());
- }
- @Override
- public void onResponse(Call call, Response response)
- throws IOException
- {
- String res = response.body().string();
- Log.e("joker",res);
- }
- });
- }
- private static class TrustAllCerts implements X509TrustManager {
- @Override
- public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}
- @Override
- public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {}
- @Override
- public X509Certificate[] getAcceptedIssuers() {return new X509Certificate[0];}
- }
- private static class TrustAllHostnameVerifier implements HostnameVerifier {
- @Override
- public boolean verify(String hostname, SSLSession session) {
- return true;
- }
- }
- private static SSLSocketFactory createSSLSocketFactory() {
- SSLSocketFactory ssfFactory = null;
- try {
- SSLContext sc = SSLContext.getInstance("TLS");
- sc.init(null, new TrustManager[] { new TrustAllCerts() }, new SecureRandom());
- ssfFactory = sc.getSocketFactory();
- } catch (Exception e) {
- }
- return ssfFactory;
- }
复制代码
app带证书验证
- public void getNetWorkString() {
- String url = "https://www.12306.cn/mormhweb/";//带https的网址
- final Request request = new Request.Builder().url(url).build();
- Call call = setCard().newCall(request);
- call.enqueue(new Callback() {
- @Override
- public void onFailure(Call call, final IOException e) {
- runOnUiThread(new Runnable() {
- @Override
- public void run() {
- Toast.makeText(MainActivity.this,e.getMessage(),Toast.LENGTH_LONG).show();
- }
- });
- Log.i("joker", e.getMessage());
- }
- @Override
- public void onResponse(Call call, Response response)
- throws IOException
- {
- final String res = response.body().string();
- Log.e("joker",res);
- runOnUiThread(new Runnable() {
- @Override
- public void run() {
- Toast.makeText(MainActivity.this,res,Toast.LENGTH_LONG).show();
- }
- });
- }
- });
- }
复制代码
- public OkHttpClient setCard() { OkHttpClient.Builder builder = new OkHttpClient.Builder(); try { CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(null); String certificateAlias = Integer.toString(0); keyStore.setCertificateEntry(certificateAlias, certificateFactory.generateCertificate(getAssets().open("daodianwang.cer")));//拷贝好的证书 SSLContext sslContext = SSLContext.getInstance("TLS"); final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(keyStore); sslContext.init ( null, trustManagerFactory.getTrustManagers(), new SecureRandom() ); builder.sslSocketFactory(sslContext.getSocketFactory()); builder.hostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String s, SSLSession sslSession) { return true; } }); } catch (Exception e) { e.printStackTrace(); } return builder.build(); }
复制代码
okhttp用的是最新版本3.5的
用证书这里有个深坑.
用360浏览器导出的证书可以生效
然而用UC浏览器导出的证书居然不可以生效.简直不忍直视.坑爆了.代码是可行的.
asyncHttpClient 用https的配置
不验证简单到不能再简单了
- AsyncHttpClient client = new AsyncHttpClient(true,80,443);
复制代码
或者
- AsyncHttpClient client = new AsyncHttpClient();
- client.setSSLSocketFactory(MySSLSocketFactory.getFixedSocketFactory());
复制代码