android HTTPS 访问 安全认证
16lz
2021-01-24
在访问HTTPS时需要安装认证在默认情况下,设置所有都可以
创建一个HttpClient 这个设置认证那些
1private
static
HttpClient client = HttpClientHelper.getHttpClient();
public static String HTTPPostJson(String url, JSONObject params) {// HttpClient client = new DefaultHttpClient(); HttpPost post = new HttpPost(url); String responseStr = null; try { StringEntity entity = new StringEntity(params.toString(),HTTP.UTF_8); entity.setContentType("application/json"); post.setEntity(entity); HttpResponse response = client.execute(post); if (HttpURLConnection.HTTP_OK != response.getStatusLine() .getStatusCode()) { Log.e("post result code", ""+response.getStatusLine() .getStatusCode()); return null; } HttpEntity entity2 = response.getEntity(); responseStr = EntityUtils.toString(entity2); } catch (Exception e) { e.printStackTrace(); } return responseStr; }
HttpClientHelper.java
package com.weima.smarthome.utils;import java.io.IOException;import java.io.InputStream;import java.net.InetAddress;import java.net.Socket;import java.net.UnknownHostException;import java.security.KeyManagementException;import java.security.KeyStore;import java.security.KeyStoreException;import java.security.NoSuchAlgorithmException;import java.security.UnrecoverableKeyException;import java.security.cert.CertificateFactory;import javax.net.ssl.SSLContext;import javax.net.ssl.TrustManager;import javax.net.ssl.X509TrustManager;import org.apache.http.HttpVersion;import org.apache.http.client.HttpClient;import org.apache.http.conn.ClientConnectionManager;import org.apache.http.conn.params.ConnManagerParams;import org.apache.http.conn.scheme.PlainSocketFactory;import org.apache.http.conn.scheme.Scheme;import org.apache.http.conn.scheme.SchemeRegistry;import org.apache.http.conn.scheme.SocketFactory;import org.apache.http.conn.ssl.SSLSocketFactory;import org.apache.http.impl.client.DefaultHttpClient;import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;import org.apache.http.params.BasicHttpParams;import org.apache.http.params.HttpConnectionParams;import org.apache.http.params.HttpParams;import org.apache.http.params.HttpProtocolParams;import org.apache.http.protocol.HTTP;import android.content.res.AssetManager;public class HttpClientHelper { private static HttpClient httpClient; private static final String CLIENT_KEY_KEYSTORE = "BKS"; //"JKS";//密库,这里用的是BouncyCastle密库 private static final String CLIENT_TRUST_KEYSTORE = "BKS"; //"JKS";// private static final String CLIENT_KET_PASSWORD = "***"; //私钥密码 private HttpClientHelper() { } public static synchronized HttpClient getHttpClient() { if (null == httpClient) { // 初始化工 try { // 读取证书// KeyStore kks = KeyStore.getInstance(KeyStore.getDefaultType());//BKS or JKS android只支持bks格式的密库,// kks.load(context.getAssets().open("cacerts.bks"), CLIENT_KET_PASSWORD.toCharArray()); KeyStore kks = KeyStore.getInstance(KeyStore .getDefaultType()); //添加认证 kks.load(null, null); SSLSocketFactory sf = new SSLSocketFactoryEx(kks); sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); //允许?主机的验? HttpParams params = new BasicHttpParams(); HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); HttpProtocolParams.setContentCharset(params, HTTP.UTF_8); HttpProtocolParams.setUseExpectContinue(params, true); // 设置连接管理器的超时 ConnManagerParams.setTimeout(params, 10000); // 设置连接超时 HttpConnectionParams.setConnectionTimeout(params, 10000); // 设置socket超时 HttpConnectionParams.setSoTimeout(params, 10000); // 设置http https支持 SchemeRegistry schReg = new SchemeRegistry(); schReg.register(new Scheme("http", PlainSocketFactory .getSocketFactory(), 55555)); schReg.register(new Scheme("https", (SocketFactory) sf, 55556)); ClientConnectionManager conManager = new ThreadSafeClientConnManager( params, schReg); httpClient = new DefaultHttpClient(conManager, params); } catch (Exception e) { e.printStackTrace(); return new DefaultHttpClient(); } } return httpClient; }}class SSLSocketFactoryEx extends SSLSocketFactory { SSLContext sslContext = SSLContext.getInstance("TLS"); public SSLSocketFactoryEx(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { super(truststore); TrustManager tm = new X509TrustManager() { @Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkClientTrusted( java.security.cert.X509Certificate[] chain, String authType) throws java.security.cert.CertificateException { } @Override public void checkServerTrusted( java.security.cert.X509Certificate[] chain, String authType) throws java.security.cert.CertificateException { } }; sslContext.init(null, new TrustManager[] { tm }, null); } @Override public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException { return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose); } @Override public Socket createSocket() throws IOException { return sslContext.getSocketFactory().createSocket(); } }
更多相关文章
- 安装APK文件的错误码定义
- android bks证书生成方式
- PXE 批量自动装win10系统(winserver2016+AJK+DMT)
- 如何在Android中增加自己的应用签名校验?
- 报道:Android成为96%的新手机恶意软件的宿主机
- android开发中的数据库定义诀窍
- Android网络编程——https 不验证证书方式(信任所有证书)