Java 使用自签名证书在Android中保护HTTP Post
我目前正在为我的组织网站开发我的第一个android应用程序和第一个api。我正在尝试使用安全连接从android应用程序连接到api。我们的网站在8090上有一个测试端口,我正试图用它来测试api,但我遇到的问题是,我在网站上有一个自签名证书,从我在线阅读的内容来看,android应用程序不喜欢这个证书。为了确保api没有问题,我将其与http连接(而不是https连接)一起使用,效果非常好。我在网上找到了一些解决方案,其中包括一对来自这个网站的解决方案,但似乎都不起作用。再说一次,我没有太多为Android开发的经验,所以我的很多尝试只是从我在网上找到的解决方案中复制和粘贴。以下是我尝试过的一些链接: 我现在找不到其他页面的链接,但下面是我当前用于连接的代码:Java 使用自签名证书在Android中保护HTTP Post,java,android,post,https,certificate,Java,Android,Post,Https,Certificate,我目前正在为我的组织网站开发我的第一个android应用程序和第一个api。我正在尝试使用安全连接从android应用程序连接到api。我们的网站在8090上有一个测试端口,我正试图用它来测试api,但我遇到的问题是,我在网站上有一个自签名证书,从我在线阅读的内容来看,android应用程序不喜欢这个证书。为了确保api没有问题,我将其与http连接(而不是https连接)一起使用,效果非常好。我在网上找到了一些解决方案,其中包括一对来自这个网站的解决方案,但似乎都不起作用。再说一次,我没有太多
HttpClient httpclient = new DefaultHttpClient();
HttpPost httppost = new HttpPost("https://website.edu:8090/api.php?");
try {
// Add your data
List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>();
nameValuePairs.add(new BasicNameValuePair("method", "login"));
nameValuePairs.add(new BasicNameValuePair("user", username.getText().toString()));
nameValuePairs.add(new BasicNameValuePair("pass", md5(password.getText().toString())));
nameValuePairs.add(new BasicNameValuePair("submitLogin", "1"));
httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs, HTTP.UTF_8));
HttpParams params = httppost.getParams();
HttpConnectionParams.setConnectionTimeout(params, 45000);
HttpConnectionParams.setSoTimeout(params, 45000);
// Execute HTTP Post Request
HttpResponse response = httpclient.execute(httppost);
} catch (ClientProtocolException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
HttpClient-HttpClient=newdefaulthttpclient();
HttpPost HttpPost=新的HttpPost(“https://website.edu:8090/api.php?");
试一试{
//添加您的数据
List nameValuePairs=新的ArrayList();
添加(新的BasicNameValuePair(“方法”、“登录”);
添加(新的BasicNameValuePair(“用户”,username.getText().toString());
添加(新的BasicNameValuePair(“pass”,md5(password.getText().toString()));
添加(新的BasicNameValuePair(“submitLogin”,“1”));
setEntity(新的UrlEncodedFormEntity(nameValuePairs,HTTP.UTF_8));
HttpParams params=httppost.getParams();
HttpConnectionParams.setConnectionTimeout(参数,45000);
HttpConnectionParams.setSoTimeout(参数,45000);
//执行HTTP Post请求
HttpResponse response=httpclient.execute(httppost);
}捕获(客户端协议例外e){
e、 printStackTrace();
}捕获(IOE){
e、 printStackTrace();
}
我还想补充一点,购买证书不是一个选项,因为我们没有预算,所以任何能够解决自签名证书问题的东西都是很好的。提前谢谢 在签署之前,是否可以暂时忽略序列号 试试这个:
public static javax.net.ssl.TrustManager getTrustManager()
{
javax.net.ssl.TrustManager tm = new javax.net.ssl.X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(
java.security.cert.X509Certificate[] chain, String authType)
throws java.security.cert.CertificateException {
}
@Override
public void checkServerTrusted(
java.security.cert.X509Certificate[] chain, String authType)
throws java.security.cert.CertificateException {
}
};
return tm;
}
public static DefaultHttpClient getThreadSafeClient() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, KeyManagementException, UnrecoverableKeyException {
DefaultHttpClient client = new DefaultHttpClient();
ClientConnectionManager mgr = client.getConnectionManager();
HttpParams cleintParams = client.getParams();
cleintParams.setBooleanParameter("http.protocol.expect-continue", true);
cleintParams.setBooleanParameter("http.protocol.warn-extra-input", true);
// params.setIntParameter("http.socket.receivebuffer", 999999);
//---->> SSL
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
trustStore.load(null, null);
SSLSocketFactory sf = new MySSLSocketFactory(trustStore);
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
// HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 443));
//<<------
client = new DefaultHttpClient(new ThreadSafeClientConnManager(params, registry), cleintParams);
return client;
}
publicstaticjavax.net.ssl.TrustManager getTrustManager()
{
javax.net.ssl.TrustManager tm=新的javax.net.ssl.X509TrustManager(){
public java.security.cert.X509Certificate[]getAcceptedIssuers(){
返回null;
}
@凌驾
公共无效checkClientTrusted(
java.security.cert.X509Certificate[]链,字符串authType)
抛出java.security.cert.CertificateException{
}
@凌驾
公共无效检查服务器受信任(
java.security.cert.X509Certificate[]链,字符串authType)
抛出java.security.cert.CertificateException{
}
};
返回tm;
}
public static DefaultHttpClient getThreadSafeClient()抛出KeyStoreException、NoSuchAlgorithmException、CertificateException、IOException、KeyManagementException、UnrecoverableKeyException{
DefaultHttpClient=新的DefaultHttpClient();
ClientConnectionManager mgr=client.getConnectionManager();
HttpParams cleintParams=client.getParams();
cleintParams.setBooleanParameter(“http.protocol.expect continue”,true);
cleintParams.setBooleanParameter(“http.protocol.warn-extra-input”,true);
//setIntParameter(“http.socket.receivebuffer”,99999);
//---->>SSL
KeyStore trustStore=KeyStore.getInstance(KeyStore.getDefaultType());
load(null,null);
SSLSocketFactory sf=新的MySSLocketFactory(信任商店);
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
HttpParams params=新的BasicHttpParams();
HttpProtocolParams.setVersion(params,HttpVersion.HTTP_1_1);
//HttpProtocolParams.setContentCharset(params,HTTP.UTF_8);
SchemeRegistry registry=新SchemeRegistry();
register(新方案(“http”,PlainSocketFactory.getSocketFactory(),80));
注册(新方案(“https”,sf,443));
// 在签署之前,也许暂时忽略系列赛
试试这个:
public static javax.net.ssl.TrustManager getTrustManager()
{
javax.net.ssl.TrustManager tm = new javax.net.ssl.X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(
java.security.cert.X509Certificate[] chain, String authType)
throws java.security.cert.CertificateException {
}
@Override
public void checkServerTrusted(
java.security.cert.X509Certificate[] chain, String authType)
throws java.security.cert.CertificateException {
}
};
return tm;
}
public static DefaultHttpClient getThreadSafeClient() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, KeyManagementException, UnrecoverableKeyException {
DefaultHttpClient client = new DefaultHttpClient();
ClientConnectionManager mgr = client.getConnectionManager();
HttpParams cleintParams = client.getParams();
cleintParams.setBooleanParameter("http.protocol.expect-continue", true);
cleintParams.setBooleanParameter("http.protocol.warn-extra-input", true);
// params.setIntParameter("http.socket.receivebuffer", 999999);
//---->> SSL
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
trustStore.load(null, null);
SSLSocketFactory sf = new MySSLSocketFactory(trustStore);
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
// HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 443));
//<<------
client = new DefaultHttpClient(new ThreadSafeClientConnManager(params, registry), cleintParams);
return client;
}
publicstaticjavax.net.ssl.TrustManager getTrustManager()
{
javax.net.ssl.TrustManager tm=新的javax.net.ssl.X509TrustManager(){
public java.security.cert.X509Certificate[]getAcceptedIssuers(){
返回null;
}
@凌驾
公共无效checkClientTrusted(
java.security.cert.X509Certificate[]链,字符串authType)
抛出java.security.cert.CertificateException{
}
@凌驾
公共无效检查服务器受信任(
java.security.cert.X509Certificate[]链,字符串authType)
抛出java.security.cert.CertificateException{
}
};
返回tm;
}
public static DefaultHttpClient getThreadSafeClient()抛出KeyStoreException、NoSuchAlgorithmException、CertificateException、IOException、KeyManagementException、UnrecoverableKeyException{
DefaultHttpClient=新的DefaultHttpClient();
ClientConnectionManager mgr=client.getConnectionManager();
HttpParams cleintParams=client.getParams();
cleintParams.setBooleanParameter(“http.protocol.expect continue”,true);
cleintParams.setBooleanParameter(“http.protocol.warn-extra-input”,true);
//setIntParameter(“http.socket.receivebuffer”,99999);
//---->>SSL
KeyStore trustStore=KeyStore.getInstance(KeyStore.getDefaultType());
load(null,null);
SSLSocketFactory sf=新MySSLSocketF