Android WebView ssl错误
对不起我的英语。我需要加载url https,我有一些问题。当我尝试加载页面时,webView给了我一个错误Android WebView ssl错误,android,ssl,webview,Android,Ssl,Webview,对不起我的英语。我需要加载url https,我有一些问题。当我尝试加载页面时,webView给了我一个错误 primary error: 3 certificate: Issued to: CN=my-site.com; Issued by: CN=GeoTrust DV SSL CA - G3,OU=Domain Validated SSL,O=GeoTrust Inc.,C=US; on URL: https://my-site.com/tutorial.php 如果我创建自定义WebV
primary error: 3 certificate: Issued to: CN=my-site.com;
Issued by: CN=GeoTrust DV SSL CA - G3,OU=Domain Validated SSL,O=GeoTrust Inc.,C=US;
on URL: https://my-site.com/tutorial.php
@Override
public void onReceivedSslError(WebView view, final SslErrorHandler handler, SslError error) {
handler.proceed();
}
final AlertDialog.Builder builder = new AlertDialog.Builder(WebViewTutorials.this);
String message = "SSL Certificate error.";
switch (error.getPrimaryError()) {
case SslError.SSL_UNTRUSTED:
message = "The certificate authority is not trusted.";
break;
case SslError.SSL_EXPIRED:
message = "The certificate has expired.";
break;
case SslError.SSL_IDMISMATCH:
message = "The certificate Hostname mismatch.";
break;
case SslError.SSL_NOTYETVALID:
message = "The certificate is not yet valid.";
break;
}
message += " Do you want to continue anyway?";
builder.setTitle("SSL Certificate Error");
builder.setMessage(message);
builder.setPositiveButton("continue", new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialog, int which) {
handler.proceed();
}
});
builder.setNegativeButton("cancel", new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialog, int which) {
//handler.cancel();
finish();
}
});
final AlertDialog dialog = builder.create();
dialog.show();
Your APK has been rejected for containing security vulnerabilities, which violates the Malicious Behavior policy
@Override
public void onReceivedSslError(WebView view, final SslErrorHandler handler, SslError error) {
handler.proceed();
}
final AlertDialog.Builder builder = new AlertDialog.Builder(WebViewTutorials.this);
String message = "SSL Certificate error.";
switch (error.getPrimaryError()) {
case SslError.SSL_UNTRUSTED:
message = "The certificate authority is not trusted.";
break;
case SslError.SSL_EXPIRED:
message = "The certificate has expired.";
break;
case SslError.SSL_IDMISMATCH:
message = "The certificate Hostname mismatch.";
break;
case SslError.SSL_NOTYETVALID:
message = "The certificate is not yet valid.";
break;
}
message += " Do you want to continue anyway?";
builder.setTitle("SSL Certificate Error");
builder.setMessage(message);
builder.setPositiveButton("continue", new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialog, int which) {
handler.proceed();
}
});
builder.setNegativeButton("cancel", new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialog, int which) {
//handler.cancel();
finish();
}
});
final AlertDialog dialog = builder.create();
dialog.show();
后台的人说“这是你客户的问题”。我不知道我该怎么做,需要显示用户webView页面,但不显示带有警告的弹出窗口。您好,您的第一个问题是SSL证书,webView不需要生成HTTPS连接。无论如何,另一个问题是您重写了onReceivedSlerror的方法,并使用handler.continue();未告知用户您使用不安全连接是android的安全漏洞,因此Play Store不允许您发布apk 最好的方法是纠正证书问题,因为应用程序可以通过https连接与服务器通信 无论如何,您可以通过以下方式更改方法的实现,例如,以避免发布问题:
@凌驾
ReceivedSlerRor上的公共无效(WebView视图,最终SslErrorHandler,SslError错误){
final AlertDialog.Builder=新建AlertDialog.Builder(此);
builder.setMessage(R.string.notification\u error\u ssl\u cert\u invalid);
setPositiveButton(“继续”,新建DialogInterface.OnClickListener()){
@凌驾
public void onClick(DialogInterface dialog,int which){
handler.procedure();
}
});
setNegativeButton(“取消”,新建DialogInterface.OnClickListener()){
@凌驾
public void onClick(DialogInterface dialog,int which){
handler.cancel();
}
});
最终AlertDialog=builder.create();
dialog.show();
}
您可以查看android开发人员的安全部分,以获取有关此漏洞和更正的更多信息。您不应忽略SSL错误,但服务器应使用受公众信任并正确配置的证书。但是,由于服务器未知,因此无法确定当前证书/配置的具体问题。您的服务器是否为my-site.com返回完整的证书链?使用SSL Labs()等在线扫描仪进行检查。如果您拥有来自GeoTrust的域验证证书,则不必执行所有这些自定义SSL处理。