如果不需要验证服务器端证书，直接照这里做

[java] view plain copy print ?

1. publicclassDemoextendsActivity{
2. /**Calledwhentheactivityisfirstcreated.*/
3. privateTextViewtext;
4. @Override
5. publicvoidonCreate(BundlesavedInstanceState){
6. super.onCreate(savedInstanceState);
7. setContentView(R.layout.main);
8. text=(TextView)findViewById(R.id.text);
9. GetHttps();
10. }
12. privatevoidGetHttps(){
13. Stringhttps="https://800wen.com/";
14. try{
15. SSLContextsc=SSLContext.getInstance("TLS");
16. sc.init(null,newTrustManager[]{newMyTrustManager()},newSecureRandom());
17. HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
18. HttpsURLConnection.setDefaultHostnameVerifier(newMyHostnameVerifier());
19. HttpsURLConnectionconn=(HttpsURLConnection)newURL(https).openConnection();
20. conn.setDoOutput(true);
21. conn.setDoInput(true);
22. conn.connect();
24. BufferedReaderbr=newBufferedReader(newInputStreamReader(conn.getInputStream()));
25. StringBuffersb=newStringBuffer();
26. Stringline;
27. while((line=br.readLine())!=null)
28. sb.append(line);
30. text.setText(sb.toString());
32. }catch(Exceptione){
33. Log.e(this.getClass().getName(),e.getMessage());
34. }
36. }
38. privateclassMyHostnameVerifierimplementsHostnameVerifier{
40. @Override
41. publicbooleanverify(Stringhostname,SSLSessionsession){
42. //TODOAuto-generatedmethodstub
43. returntrue;
44. }
45. }
47. privateclassMyTrustManagerimplementsX509TrustManager{
49. @Override
50. publicvoidcheckClientTrusted(X509Certificate[]chain,StringauthType)
51. throwsCertificateException{
52. //TODOAuto-generatedmethodstub
54. }
56. @Override
57. publicvoidcheckServerTrusted(X509Certificate[]chain,StringauthType)
58. throwsCertificateException{
59. //TODOAuto-generatedmethodstub
61. }
63. @Override
64. publicX509Certificate[]getAcceptedIssuers(){
65. //TODOAuto-generatedmethodstub
66. returnnull;
67. }
68. }
69. }

    public class Demo extends Activity {        /** Called when the activity is first created. */            private TextView text;        @Override        public void onCreate(Bundle savedInstanceState) {            super.onCreate(savedInstanceState);            setContentView(R.layout.main);            text = (TextView)findViewById(R.id.text);            GetHttps();        }                private void GetHttps(){                String https = " https://800wen.com/";                try{                        SSLContext sc = SSLContext.getInstance("TLS");                        sc.init(null, new TrustManager[]{new MyTrustManager()}, new SecureRandom());                        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());                        HttpsURLConnection.setDefaultHostnameVerifier(new MyHostnameVerifier());                        HttpsURLConnection conn = (HttpsURLConnection)new URL(https).openConnection();                        conn.setDoOutput(true);                        conn.setDoInput(true);                        conn.connect();                                                 BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream()));                  StringBuffer sb = new StringBuffer();                  String line;                  while ((line = br.readLine()) != null)                          sb.append(line);                                                 text.setText(sb.toString());                                        }catch(Exception e){                        Log.e(this.getClass().getName(), e.getMessage());                }                        }                private class MyHostnameVerifier implements HostnameVerifier{                    @Override                    public boolean verify(String hostname, SSLSession session) {                            // TODO Auto-generated method stub                            return true;                    }        }                private class MyTrustManager implements X509TrustManager{                    @Override                    public void checkClientTrusted(X509Certificate[] chain, String authType)                                    throws CertificateException {                            // TODO Auto-generated method stub                                                }                    @Override                    public void checkServerTrusted(X509Certificate[] chain, String authType)                                    throws CertificateException {                            // TODO Auto-generated method stub                                                }                    @Override                    public X509Certificate[] getAcceptedIssuers() {                            // TODO Auto-generated method stub                            return null;                    }                }      }

如果需要验证服务器端证书（这样能够防钓鱼），我是这样做的，还有些问题问大牛：
a. 导出公钥。在浏览器上用https访问tomcat，查看其证书，并另存为一个文件(存成了X.509格式：xxxx.cer)
b. 导入公钥。把xxxx.cer放在Android的assets文件夹中，以方便在运行时通过代码读取此证书，留了两个问题给大牛：

[java] view plain copy print ?

1. AssetManageram=context.getAssets();
2. InputStreamins=am.open("robusoft.cer");
3. try{
4. //读取证书
5. CertificateFactorycerFactory=CertificateFactory.getInstance("X.509");//问1
6. Certificatecer=cerFactory.generateCertificate(ins);
7. //创建一个证书库，并将证书导入证书库
8. KeyStorekeyStore=KeyStore.getInstance("PKCS12","BC");//问2
9. keyStore.load(null,null);
10. keyStore.setCertificateEntry("trust",cer);
11. returnkeyStore;
12. }finally{
13. ins.close();
14. }
15. //把咱的证书库作为信任证书库
16. SSLSocketFactorysocketFactory=newSSLSocketFactory(keystore);
17. Schemesch=newScheme("https",socketFactory,443);
18. //完工
19. HttpClientmHttpClient=newDefaultHttpClient();
20. mHttpClient.getConnectionManager().getSchemeRegistry().register(sch);

    AssetManager am = context.getAssets();    InputStream ins = am.open("robusoft.cer");    try {            //读取证书            CertificateFactory cerFactory = CertificateFactory.getInstance("X.509");  //问1            Certificate cer = cerFactory.generateCertificate(ins);            //创建一个证书库，并将证书导入证书库            KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");   //问2            keyStore.load(null, null);            keyStore.setCertificateEntry("trust", cer);            return keyStore;    } finally {            ins.close();    }    //把咱的证书库作为信任证书库    SSLSocketFactory socketFactory = new SSLSocketFactory(keystore);    Scheme sch = new Scheme("https", socketFactory, 443);    //完工    HttpClient mHttpClient = new DefaultHttpClient();    mHttpClient.getConnectionManager().getSchemeRegistry().register(sch);

问1：这里用"PKCS12"不行

答1：PKCS12和JKS是keystore的type，不是Certificate的type，所以X.509不能用PKCS12代替

问2：这里用"JKS"不行。

答2：android平台上支持的keystore type好像只有PKCS12，不支持JKS，所以不能用JKS代替在PKCS12，不过在windows平台上是可以代替的

更多相关文章

1. Android内核驱动开发中的Kconfig文件结构分析(图文)
2. Android震动和播放资源文件中的声音文件
3. Android文件管理器开发对各类文件的打开以及处理
4. xml文件
5. android sdcard存储方案（基于fuse文件系统）：之一
6. android读取data/data/包名/file路径下的txt文件
7. 文件多线程下载实现
8. 基于Android TV端的文件选择器（UI比较丑，主要看逻辑）

随机推荐

1. android activity之间传递对象（Serializab
2. Android 判断所有字段是否已经输入的实例
3. android上怎样让一个Service开机自动启动
4. Android(安卓)Bitmap内存限制
5. Android的 ViewPager 简单运用
6. Android 菜单项选项
7. Android ListView例子详解
8. Android(安卓)Studio gradle配置详解
9. android 程序开发的插件化 模块化方法 之
10. android之Shape和selector等