If https is used when requesting the network, the following error will occur, and the path trust anchor of the certificate cannot be found
javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
This error is also easy to solve. The best solution is to obtain a formal and legal https certificate, and let it be uploaded in the background or stored in assets for application verification. This is the most fundamental solution! If there is no certificate, you can only ignore the verification of the certificate. The following is the code implementation
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, new TrustManager[]{new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws java.security.cert.CertificateException {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws java.security.cert.CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
}}, new SecureRandom());
Then refer to OkHttpClient
client.setSslSocketFactory(sc.getSocketFactory());
client.setHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
In this way, the formal verification is ignored. Let’s take a look at the code of the overall request. This is a tool class I wrote. I only show one of them (get request). I just need to understand how to add it.
public static void requestData(final String url, final HashMap<String, String> params, final RequestCallBack callBack) {
new Thread(new Runnable() {
@Override
public void run() {
try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, new TrustManager[]{new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws java.security.cert.CertificateException {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws java.security.cert.CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
}}, new SecureRandom());
final String allUrl = url + builderParams(params);
Log.e("---------------------", allUrl);
Request request = new Request.Builder()
.url(allUrl)
.addHeader("Accept-Encoding", "musixmatch")
.build();
final OkHttpClient client = new OkHttpClient();
client.setSslSocketFactory(sc.getSocketFactory());
client.setHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
client.setConnectTimeout(30, TimeUnit.SECONDS);
client.setWriteTimeout(30, TimeUnit.SECONDS);
client.setReadTimeout(30, TimeUnit.SECONDS);
client.setRetryOnConnectionFailure(false);
client.setConnectionPool(new ConnectionPool(MAX_IDLE_CONNECTIONS, KEEP_ALIVE_DURATION_MS));
client.newCall(request).enqueue(new Callback() {
@Override
public void onFailure(Request request, IOException e) {
if (callBack != null)
callBack.onFailure(e);
}
@Override
public void onResponse(Response response) throws IOException {
if (callBack == null) return;
if (!response.isSuccessful()) {
callBack.onFailure(null);
} else {
callBack.onSuccess(response.body().string());
}
}
});
} catch (Exception e) {
if (callBack != null) callBack.onFailure(null);
}
}
}).start();
}