Android HTTPS communication: certificate verification in WebView

Disclaimer: This blog mainly records study notes, problems encountered and their solutions. Please cite the source when reposting! https://blog.csdn.net/u010982507/article/details/86165390

Verifying the certificate and the domain name with OkHttp or HttpUrlConnection has already been explained at https://mp.csdn.net/mdeditor/85266096. Some apps, however, load HTML in a WebView, and the HTML makes ajax requests to HTTPS services. How is the security certificate checked in that case?
This article explains how to verify a self-signed HTTPS certificate in a WebView.
When we use the Android WebView we set a WebViewClient. If an error occurs during an HTTPS request, the WebViewClient's onReceivedSslError method is called, as follows:

WebView webView = new WebView(getContext());
webView.setWebViewClient(new WebViewClient() {
    @Override
    public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
        // Default behaviour: delegate to the parent class implementation
        super.onReceivedSslError(view, handler, error);
    }
});

By default, super.onReceivedSslError(view, handler, error); runs the implementation inherited from the parent class, and that implementation is handler.cancel();, which cancels the communication. So what we have to do is perform the certificate verification inside the onReceivedSslError method.

Parameters of the onReceivedSslError method

  • The WebView view parameter
    Nothing much to say here: it is the current WebView object.
  • The SslErrorHandler handler parameter
    Looking into the source code, it is a class with a constructor and two methods. The proceed() method allows all network access; the cancel() method cancels all network access.
public class SslErrorHandler extends Handler {

    /**
     * @hide Only for use by WebViewProvider implementations.
     */
    @SystemApi
    public SslErrorHandler() {}

    /**
     * Proceed with the SSL certificate.
     */
    public void proceed() {}

    /**
     * Cancel this request and all pending requests for the WebView that had
     * the error.
     */
    public void cancel() {}
}
  • The SslError error parameter
    Looking into the SslError source code, you can see the attributes and methods of this class.
    The main attributes are:
    SSL_NOTYETVALID: the certificate is not yet valid
    SSL_EXPIRED: the certificate is past its validity period
    SSL_IDMISMATCH: the domain name does not match
    SSL_UNTRUSTED: the certificate is untrusted
    SSL_DATE_INVALID: the certificate date is invalid
    SSL_INVALID: generic error
    In addition to several constructors, the main methods are:
    getUrl(): get the URL of the current request
    getPrimaryError(): get the error type
    getCertificate(): get the current certificate

Checking the SHA-256 value of the certificate

The logic is:
1. Get the SHA-256 value of the certificate the WebView currently received.
2. Get the SHA-256 value of the client certificate.
3. Compare the SHA-256 values of the two certificates. If they are equal, call the handler.proceed() method; if they are not equal, show a prompt and quit the application.

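WebView webView = new WebView(getContext());
webView.setWebViewClient(new WebViewClient() {
    @Override
    public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
        boolean trusted = false;
        try {
            // SHA-256 of the certificate shipped in the app's assets
            String certSha256 = SSLSocketCert.getSSLCertSHA256FromCert(view.getContext().getAssets().open("client.crt"));
            // SHA-256 of the certificate the server presented to the WebView
            String serverSha256 = SSLSocketCert.getSSLCertFromServer(error.getCertificate());
            trusted = certSha256 != null && certSha256.equalsIgnoreCase(serverSha256);
        } catch (IOException e) { // java.io.IOException, thrown by AssetManager.open()
            // client.crt could not be read: treat it as a failed verification
        }
        if (trusted) {
            handler.proceed();
        } else {
            // The handler must always be answered; cancel before showing the dialog
            handler.cancel();
            // Dialog strings: "警告" = "Warning", "证书校验失败" = "Certificate verification failed", "退出" = "Exit"
            DialogUtil.showSingleDialog(view.getContext(), "警告", "证书校验失败", false, "退出", new DialogInterface.OnClickListener() {
                @Override
                public void onClick(DialogInterface dialog, int which) {
                    System.exit(0);
                }
            });
        }
    }
});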

The code above uses the SSLSocketCert and DialogUtil utility classes. For DialogUtil you can use your own; SSLSocketCert has been uploaded to
https://download.csdn.net/download/u010982507/10907473
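
The two fingerprint calls in the code above are not shown on this page. The following is an added example, not the author's SSLSocketCert class: a hypothetical helper named CertFingerprint (class and method names are assumptions) that hashes the bundled certificate and the certificate returned by SslError.getCertificate(), relying on SslCertificate.saveState() storing the DER bytes under the "x509-certificate" key.

```java
import android.net.http.SslCertificate;
import android.os.Bundle;

import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

/** Hypothetical helper (added example); not the SSLSocketCert class from the download link. */
public final class CertFingerprint {
    private CertFingerprint() {}

    /** SHA-256 of the DER encoding of a certificate file (PEM or DER), e.g. assets/client.crt. */
    public static String fromStream(InputStream in) throws GeneralSecurityException {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        X509Certificate cert = (X509Certificate) cf.generateCertificate(in);
        return sha256Hex(cert.getEncoded());
    }

    /** SHA-256 of the certificate the WebView received (SslError.getCertificate()). */
    public static String fromSslCertificate(SslCertificate sslCert) throws GeneralSecurityException {
        // saveState() returns null for a null certificate and omits the key if no X.509 data exists.
        Bundle state = SslCertificate.saveState(sslCert);
        byte[] der = state == null ? null : state.getByteArray("x509-certificate");
        if (der == null) {
            throw new GeneralSecurityException("no X.509 data in SslCertificate");
        }
        // Re-parse so that malformed data fails here instead of being hashed blindly.
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        X509Certificate cert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(der));
        return sha256Hex(cert.getEncoded());
    }

    /** Lower-case hex SHA-256, so both fingerprints are in the same format before comparison. */
    private static String sha256Hex(byte[] data) throws GeneralSecurityException {
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(data);
        StringBuilder sb = new StringBuilder(digest.length * 2);
        for (byte b : digest) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    }
}
```

Both methods hash the full DER encoding, so the comparison only succeeds when the server presents exactly the certificate shipped in the app; any exception should be handled by calling handler.cancel().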

Origin blog.csdn.net/u010982507/article/details/86165390