Android https 证书信任问题

因为最近公司的open api服务器访问协议换成了https，所以 android 在使用okhttp 走https 访问的时候遇到了证书信任的问题，

在这里把我走过的弯路记下来，一如既往的话不多说，上码：

OkHttpClientsClient=newOkHttpClient();//设置超时时间sClient.setConnectTimeout(8000,TimeUnit.MILLISECONDS);sClient.setReadTimeout(8000,TimeUnit.MILLISECONDS);//注册拦截器sClient.interceptors().add(newBaseInterceptor(context));

第一种方式：

sClient.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

运行结果：

javax.net.ssl.SSLHandshakeException:java.security.cert.CertPathValidatorException:Trustanchorforcertificationpathnotfound.11-2611:17:57.26417106-17268/com.dooioo.addressbookW/System.err:atcom.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:410)11-2611:17:57.26417106-17268/com.dooioo.addressbookW/System.err:atcom.squareup.okhttp.Connection.connectTls(Connection.java:235)11-2611:17:57.26417106-17268/com.dooioo.addressbookW/System.err:atcom.squareup.okhttp.Connection.connectSocket(Connection.java:199)11-2611:17:57.26417106-1726

以失败告终！！！！！

经过多处查询后采用

第二种方案：

sClient.setHostnameVerifier(newHostnameVerifier(){@Overridepublicbooleanverify(Stringhostname,SSLSessionsession){returntrue;}});

怀着侥幸的心理运行了一下

运行结果：

javax.net.ssl.SSLHandshakeException:java.security.cert.CertPathValidatorException:Trustanchorforcertificationpathnotfound.11-2716:18:54.41716801-16946/com.dooioo.addressbookW/System.err:atcom.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:410)11-2716:18:54.41716801-16946/com.dooioo.addressbookW/System.err:atcom.squareup.okhttp.Connection.connectTls(Connection.java:235)11-2716:18:54.41716801-16946/com.dooioo.addressbookW/System.err:atcom.squareup.okhttp.Connection.connectSocket(Connection.java:199)11-2716:18:54.42716801-16946/com.dooioo.addressbookW/System.err:atcom.squareup.okhttp.Connection.connect(Connection.java:172)11-2716:18:54.42716801-16943/com.dooioo.addressbookW/System.err:atjavax.net.ssl.SSLHandshakeException:java.security.cert.CertPathValidatorException:Trustanchorforcertificationpathnotfound.11-2716:18:54.42716801-16943/com.dooioo.addressbookW/System.err:atcom.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:410)11-2716:18:54.42716801-16943/com.dooioo.addressbookW/System.err:atcom.squareup.okhttp.Connection.connectTls(Connection.java:235)11-2716:18:54.42716801-16943/com.dooioo.addressbookW/System.err:atcom.squareup.okhttp.Connection.connectSocket(Connection.java:199)11-2716:18:54.42716801-16943/com.dooioo.addressbookW/System.err:atcom.squareup.okhttp.Connection.connect(Connection.java:172)11-2716:18:54.42716801-16943/com.dooioo.addressbookW/System.err:atcom.squareup.okhttp.Connection.connectAndSetOwner(Connection.java:367)11-2716:18:54.42716801-16946/com.dooioo.addressbookW/System.err:atcom.squareup.okhttp.Connection.connectAndSetOwner(Connection.java:367)11-2716:18:54.42716801-16943/com.dooioo.addressbookW/System.err:atcom.squareup.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:128)11-2716:18:54.42716801-16943/com.dooioo.addressbookW/System.err:atcom.squareup.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:328)11-2716:18:54.42716801-16943/com.dooioo.addressbookW/System.err:atcom.squareup.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:245)

同样还是以失败而告终呢，这下怎么办呢，总不能说部解决吧，只好硬着头皮继续找资料

最终的解决方案：

SSLContextsc=SSLContext.getInstance("SSL");sc.init(null,newTrustManager[]{newX509TrustManager(){@OverridepublicvoidcheckClientTrusted(X509Certificate[]chain,StringauthType)throwsCertificateException{}@OverridepublicvoidcheckServerTrusted(X509Certificate[]chain,StringauthType)throwsCertificateException{}@OverridepublicX509Certificate[]getAcceptedIssuers(){returnnull;}}},newSecureRandom());sClient.setSslSocketFactory(sc.getSocketFactory());sClient.setHostnameVerifier(newHostnameVerifier(){@Overridepublicbooleanverify(Stringhostname,SSLSessionsession){returntrue;}});

最终解决问题，成功信任所有证书！！！！

当然了，这个最好是用在开发环境上，正式环境的证书信息，最好不要用这种全部信任的方式，不然https 就形同虚设了……

对应的问题请移步>>>>>>>>>Android https 信任

更多相关文章

随机推荐