x 如果不需要验证服务器端证书,直接照这里做。
  2. public class Demo extends Activity {
  3. /** Called when the activity is first created. */
  4. private TextView text;
  5. @Override
  6. public void onCreate(Bundle savedInstanceState) {
  7. super.onCreate(savedInstanceState);
  8. setContentView(R.layout.main);
  9. text = (TextView)findViewById(R.id.text);
  10. GetHttps();
  11. }
  13. private void GetHttps(){
  14. String https = " https://800wen.com/";
  15. try{
  16. SSLContext sc = SSLContext.getInstance("TLS");
  17. sc.init(null, new TrustManager[]{new MyTrustManager()}, new SecureRandom());
  18. HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
  19. HttpsURLConnection.setDefaultHostnameVerifier(new MyHostnameVerifier());
  20. HttpsURLConnection conn = (HttpsURLConnection)new URL(https).openConnection();
  21. conn.setDoOutput(true);
  22. conn.setDoInput(true);
  23. conn.connect();
  25. BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream()));
  26. StringBuffer sb = new StringBuffer();
  27. String line;
  28. while ((line = br.readLine()) != null)
  29. sb.append(line);
  31. text.setText(sb.toString());
  33. }catch(Exception e){
  34. Log.e(this.getClass().getName(), e.getMessage());
  35. }
  37. }
  39. private class MyHostnameVerifier implements HostnameVerifier{
  41. @Override
  42. public boolean verify(String hostname, SSLSession session) {
  43. // TODO Auto-generated method stub
  44. return true;
  45. }
  46. }
  48. private class MyTrustManager implements X509TrustManager{
  50. @Override
  51. public void checkClientTrusted(X509Certificate[] chain, String authType)
  52. throws CertificateException {
  53. // TODO Auto-generated method stub
  55. }
  57. @Override
  58. public void checkServerTrusted(X509Certificate[] chain, String authType)
  59. throws CertificateException {
  60. // TODO Auto-generated method stub
  62. }
  64. @Override
  65. public X509Certificate[] getAcceptedIssuers() {
  66. // TODO Auto-generated method stub
  67. return null;
  68. }
  69. }
  70. }
复制代码

如果需要验证服务器端证书(这样能够防钓鱼),我是这样做的,还有些问题问大牛:
a.导出公钥。在浏览器上用https访问tomcat,查看其证书,并另存为一个文件(存成了X.509格式:xxxx.cer)
b.导入公钥。把xxxx.cer放在Android的assets文件夹中,以方便在运行时通过代码读取此证书,留了两个问题给大牛:

  2. AssetManager am = context.getAssets();
  3. InputStream ins = am.open("robusoft.cer");
  4. try {
  5. //读取证书
  6. CertificateFactory cerFactory = CertificateFactory.getInstance("X.509");//问1
  7. Certificate cer = cerFactory.generateCertificate(ins);
  8. //创建一个证书库,并将证书导入证书库
  9. KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC"); //问2
  10. keyStore.load(null, null);
  11. keyStore.setCertificateEntry("trust", cer);
  12. return keyStore;
  13. } finally {
  14. ins.close();
  15. }
  16. //把咱的证书库作为信任证书库
  17. SSLSocketFactory socketFactory = new SSLSocketFactory(keystore);
  18. Scheme sch = new Scheme("https", socketFactory, 443);
  19. //完工
  20. HttpClient mHttpClient = new DefaultHttpClient();
  21. mHttpClient.getConnectionManager().getSchemeRegistry().register(sch);
复制代码

问1:这里用"PKCS12"不行
答1:PKCS12和JKS是keystore的type,不是Certificate的type,所以X.509不能用PKCS12代替

问2:这里用"JKS"不行。

答2:android平台上支持的keystore type好像只有PKCS12,不支持JKS,所以不能用JKS代替在PKCS12,不过在windows平台上是可以代替的

更多相关文章

  1. 没有一行代码,「2020 新冠肺炎记忆」这个项目却登上了 GitHub 中
  2. Flutter ------- WebView加载网页
  3. 时间和日期选择器DatePicker和TimePicker的使用
  4. android 4.0系统webview加载网页出现白屏
  5. Android(安卓)4.0 HDMI相关代码
  6. SystemBarTint的使用
  7. AndroidStudio中使用SVG
  8. 如何设置android HttpPost 连接服务器超时
  9. android开发大作业开发记录(关于制作圆角按钮)

随机推荐

  1. [Android(安卓)NDK]添加C++11和C++14支持
  2. Android(安卓)API Demo实例解析
  3. android布局之线性布局(LinearLayout)
  4. Android(安卓)PackageManagerService(二)下
  5. android 中关于SimpleAdapter构造参数的
  6. ListView的item高度调整
  7. Android根据Url显示gif类型图片
  8. Android(安卓)骁龙Camera拍照流程梳理
  9. Android:为什么声明控件和控件赋值要分开
  10. 面试题六:异步消息处理机制