Android:发出Https请求
如何避免“javax.net.ssl.SSLPeerUnverifiedException:peer not authenticated”异常和Android Apache lib gap“在发出Https请求时,构造函数SSLSocketFactory(SSLContext)未定义”?此方法获取一个HttpClient实例并返回一个ready for Https HttpClient实例Android:发出Https请求,android,apache,https,Android,Apache,Https,如何避免“javax.net.ssl.SSLPeerUnverifiedException:peer not authenticated”异常和Android Apache lib gap“在发出Https请求时,构造函数SSLSocketFactory(SSLContext)未定义”?此方法获取一个HttpClient实例并返回一个ready for Https HttpClient实例 private HttpClient sslClient(HttpClient client) {
private HttpClient sslClient(HttpClient client) {
try {
X509TrustManager tm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(null, new TrustManager[]{tm}, null);
SSLSocketFactory ssf = new MySSLSocketFactory(ctx);
ssf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
ClientConnectionManager ccm = client.getConnectionManager();
SchemeRegistry sr = ccm.getSchemeRegistry();
sr.register(new Scheme("https", ssf, 443));
return new DefaultHttpClient(ccm, client.getParams());
} catch (Exception ex) {
return null;
}
}
由于Android org.apache.http.conn.ssl.SSLSocketFactory没有SSLSocketFactory(SSLContext)构造函数,因此我对该类进行了如下扩展
public class MySSLSocketFactory extends SSLSocketFactory {
SSLContext sslContext = SSLContext.getInstance("TLS");
public MySSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
super(truststore);
TrustManager tm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
sslContext.init(null, new TrustManager[] { tm }, null);
}
public MySSLSocketFactory(SSLContext context) throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException {
super(null);
sslContext = context;
}
@Override
public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException {
return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose);
}
@Override
public Socket createSocket() throws IOException {
return sslContext.getSocketFactory().createSocket();
}
}
这里的优秀文章:
这里有一些帮助:我有类似的问题,更像这样,但根本原因与两个问题中提到的完全不同
我使用DefaultHttpClient作为httpclient来请求类似的链接。我尝试了一大堆提议的解决方案,但没有一个对我有效。经过几个小时的努力,我找到了根本原因:我的设备连接到了一个访客WIFI,可能有一些特定的过滤规则阻止了相关的网络部分。切换到其他网络解决了我的问题。我有一个适合我的答案。我会在我的8小时期限到期后的某个时候发布它。来吧,让我回答我自己的问题!首先你需要更多的观点:)这是我的一个贡献。仅供参考,在写这篇文章(2013年2月)的时候,这个bug似乎已经在一些HTC手机固件中出现了,伙计,太棒了!这对我帮助很大!谢谢,如果没有你的帮助,我真的会迷路的!其他实现此答案的人注意:请注意,您包含的是org.apache.http.conn.ssl.SSLSocketFactory,而不是javax.net.ssl.SSLSocketFactory。它们不同且不兼容。请记住,从安全角度来看,使用no-op
TrustManager
和ALLOW\u ALL\u HOSTNAME\u验证器是非常值得怀疑的。如果目标是连接到测试环境,可以,但请不要将此代码投入生产。super(null);,行中有错误;,表示构造函数SSLSocketFactory(密钥库)不明确。@请尝试将该null强制转换为SSLContext实例。super((SSLContext)null);