Volley之https信任所有证书实现:

public class HttpsTrustManager implements X509TrustManager {

    private static TrustManager[] trustManagers;

    private static final X509Certificate[] _AcceptedIssuers = new X509Certificate[]{};

    @Override

    public void checkClientTrusted(

            java.security.cert.X509Certificate[] x509Certificates, String s)

            throws java.security.cert.CertificateException {

    }

    @Override

    public void checkServerTrusted(

            java.security.cert.X509Certificate[] x509Certificates, String s)

            throws java.security.cert.CertificateException {

    }

    public boolean isClientTrusted(X509Certificate[] chain) {

        return true;

    }

    public boolean isServerTrusted(X509Certificate[] chain) {

        return true;

    }

    @Override

    public X509Certificate[] getAcceptedIssuers() {

        return _AcceptedIssuers;

    }

    public static void allowAllSSL() {

        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {

            @Override

            public boolean verify(String arg0, SSLSession arg1) {

                return true;

            }

        });

        SSLContext context = null;

        if (trustManagers == null) {

            trustManagers = new TrustManager[]{new HttpsTrustManager()};

        }

        try {

            context = SSLContext.getInstance("TLS");

            context.init(null, trustManagers, new SecureRandom());

        } catch (NoSuchAlgorithmException e) {

            e.printStackTrace();

        } catch (KeyManagementException e) {

            e.printStackTrace();

        }

        HttpsURLConnection.setDefaultSSLSocketFactory(context

                .getSocketFactory());

    }

}

代码中调用方法如下:

HttpsTrustManager.allowAllSSL();//主要是这行实现信任所有证书的操作

String  tag_string_req = "string_req";

StringRequest strReq = new StringRequest(Request.Method.POST,

        your_https_url, new Response.Listener<String>() {

    @Override

    public void onResponse(String response) {

        Log.d(TAG, "response :"+response);

    }

}, new Response.ErrorListener() {

    @Override

    public void onErrorResponse(VolleyError error) {

        VolleyLog.d(TAG, "Error: " + error.getMessage());

    }

}){

    @Override

    protected Map<String, String> getParams() {

        Map<String, String> params = new HashMap<String, String>();

        params.put("username", "max");

        params.put("password", "123456");

        return params;

    }

};

AppController.getInstance().addToRequestQueue(strReq, tag_string_req);

信任指定的证书文件

HurlStack代码里面有如下方法:

 /**

     * @param urlRewriter Rewriter to use for request URLs

     * @param sslSocketFactory SSL factory to use for HTTPS connections

     * HurlStack这个类的构造大家就会发现其实volley可以支持https了,同样位于toolbox包下

     */

    public HurlStack(UrlRewriter urlRewriter, SSLSocketFactory sslSocketFactory) {

        mUrlRewriter = urlRewriter;

        mSslSocketFactory = sslSocketFactory;

    }
  /**

     * Opens an {@link HttpURLConnection} with parameters.

     * @param url

     * @return an open connection

     * @throws IOException

     */

    private HttpURLConnection openConnection(URL url, Request<?> request) throws IOException {

        HttpURLConnection connection = createConnection(url);

        int timeoutMs = request.getTimeoutMs();

        connection.setConnectTimeout(timeoutMs);

        connection.setReadTimeout(timeoutMs);

        connection.setUseCaches(false);

        connection.setDoInput(true);

        // use caller-provided custom SslSocketFactory, if any, for HTTPS

        if ("https".equals(url.getProtocol()) && mSslSocketFactory != null) {

            ((HttpsURLConnection)connection).setSSLSocketFactory(mSslSocketFactory);

        }

        return connection;

    }

在https协议的情况下,保证mSslSocketFactory 不为null,因此主要的问题是传进去sslSocketFactory这个参数。

stackoverflow上面有个产生这个内容的工具类:

private TrustManager[] getWrappedTrustManagers(TrustManager[] trustManagers) {

        final X509TrustManager originalTrustManager = (X509TrustManager) trustManagers[0];

        return new TrustManager[]{

                new X509TrustManager() {

                    public X509Certificate[] getAcceptedIssuers() {

                        return originalTrustManager.getAcceptedIssuers();

                    }

                    public void checkClientTrusted(X509Certificate[] certs, String authType) {

                        try {

                            originalTrustManager.checkClientTrusted(certs, authType);

                        } catch (CertificateException e) {

                            e.printStackTrace();

                        }

                    }

                    public void checkServerTrusted(X509Certificate[] certs, String authType) {

                        try {

                            originalTrustManager.checkServerTrusted(certs, authType);

                        } catch (CertificateException e) {

                            e.printStackTrace();

                        }

                    }

                }

        };

    }

private SSLSocketFactory getSSLSocketFactory_Certificate(String keyStoreType, int keystoreResId)

        throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException, KeyManagementException {

    CertificateFactory cf = CertificateFactory.getInstance("X.509");

    InputStream caInput = getResources().openRawResource(keystoreResId);

    Certificate ca = cf.generateCertificate(caInput);

    caInput.close();

    if (keyStoreType == null || keyStoreType.length() == 0) {

        keyStoreType = KeyStore.getDefaultType();

    }

    KeyStore keyStore = KeyStore.getInstance(keyStoreType);

    keyStore.load(null, null);

    keyStore.setCertificateEntry("ca", ca);

    String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();

    TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);

    tmf.init(keyStore);

    TrustManager[] wrappedTrustManagers = getWrappedTrustManagers(tmf.getTrustManagers());

    SSLContext sslContext = SSLContext.getInstance("TLS");

    sslContext.init(null, wrappedTrustManagers, null);

    return sslContext.getSocketFactory();

}

private SSLSocketFactory getSSLSocketFactory_KeyStore(String keyStoreType, int keystoreResId, String keyPassword)

            throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException, KeyManagementException {

        InputStream caInput = getResources().openRawResource(keystoreResId);

        // creating a KeyStore containing trusted CAs

        if (keyStoreType == null || keyStoreType.length() == 0) {

            keyStoreType = KeyStore.getDefaultType();

        }

        KeyStore keyStore = KeyStore.getInstance(keyStoreType);

        keyStore.load(caInput, keyPassword.toCharArray());

        // creating a TrustManager that trusts the CAs in the KeyStore

        String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();

        TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);

        tmf.init(keyStore);

        TrustManager[] wrappedTrustManagers = getWrappedTrustManagers(tmf.getTrustManagers());

        SSLContext sslContext = SSLContext.getInstance("TLS");

        sslContext.init(null, wrappedTrustManagers, null);

        return sslContext.getSocketFactory();

    }

调用后面两个,就能获取SSLSocketFactory 内容,使用如下:

SSLSocketFactory sslSocketFactory = getSSLSocketFactory_KeyStore("BKS", R.raw.androidbksv1, "123456789");

SSLSocketFactory sslSocketFactory = getSSLSocketFactory_Certificate("BKS", R.raw.androidbksv1_cert);

http://stackoverflow.com/questions/32154115/android-volley-self-signed-https-trust-anchor-for-certification-path-not-found

【第六篇】Volley之https相关的更多相关文章

  1. Python之路【第六篇】:socket

    Python之路[第六篇]:socket   Socket socket通常也称作"套接字",用于描述IP地址和端口,是一个通信链的句柄,应用程序通常通过"套接字&quo ...

  2. 一篇读懂HTTPS:加密原理、安全逻辑、数字证书等

    1.引言 HTTPS(全称: Hypertext Transfer Protocol Secure,超文本传输安全协议),是以安全为目标的HTTP通道,简单讲是HTTP的安全版.本文,就来深入介绍下其 ...

  3. 跟我学SpringCloud | 第六篇:Spring Cloud Config Github配置中心

    SpringCloud系列教程 | 第六篇:Spring Cloud Config Github配置中心 Springboot: 2.1.6.RELEASE SpringCloud: Greenwic ...

  4. 跟我学SpringCloud | 第十六篇:微服务利剑之APM平台(二)Pinpoint

    目录 SpringCloud系列教程 | 第十六篇:微服务利剑之APM平台(二)Pinpoint 1. Pinpoint概述 2. Pinpoint主要特性 3. Pinpoint优势 4. Pinp ...

  5. Android Https相关完全解析

    转载: 转载请标明出处: http://blog.csdn.net/lmj623565791/article/details/48129405: 本文出自:[张鸿洋的博客] 一.概述 其实这篇文章理论 ...

  6. Python之路【第十六篇】:Django【基础篇】

    Python之路[第十六篇]:Django[基础篇]   Python的WEB框架有Django.Tornado.Flask 等多种,Django相较与其他WEB框架其优势为:大而全,框架本身集成了O ...

  7. 第六篇 :微信公众平台开发实战Java版之如何自定义微信公众号菜单

    我们来了解一下 自定义菜单创建接口: http请求方式:POST(请使用https协议) https://api.weixin.qq.com/cgi-bin/menu/create?access_to ...

  8. 第六篇 SQL Server安全执行上下文和代码签名

    本篇文章是SQL Server安全系列的第六篇,详细内容请参考原文. SQL Server决定主体是否有必要的执行代码权限的根本途径是其执行上下文规则.这一切都可能复杂一个主体有执行代码的权限,但是却 ...

  9. Android Https相关完全解析 当OkHttp遇到Https

    一.概述 其实这篇文章理论上不限于okhttp去访问自签名的网站,不过接上篇博文了,就叫这个了.首先要了解的事,okhttp默认情况下是支持https协议的网站的,比如https://www.baid ...

随机推荐

  1. [ios2] 获取mac地址 等唯一标识

    - (NSString *) macaddress{        int                 mib[6];    size_t              len;    char    ...

  2. c语言中细节注意(初级)

    /* 编写如下函数,不使用下标运算符,返回字符串str中字符c的个数 (若不存在则为0). */ #include <stdio.h> int str_chnum(const char * ...

  3. (转载)python日期函数

    转载于http://www.cnblogs.com/emanlee/p/4399147.html 所有日期.时间的api都在datetime模块内. 1. 日期输出格式化 datetime => ...

  4. Mybatis学习笔记(二) 之实现数据库的增删改查

    开发环境搭建 mybatis 的开发环境搭建,选择: eclipse j2ee 版本,mysql 5.1 ,jdk 1.7,mybatis3.2.0.jar包.这些软件工具均可以到各自的官方网站上下载 ...

  5. 标签<a>的注意事项1

    使用a标签时,其子元素可以为其他元素,但是不能包含<a>标签,否则会造成布局改变! 因此请尽量不要在a标签里放太多子元素,可以在外层套一个div,其他子元素放在a标签同级下. 正确布局: ...

  6. Python学习--09 模块

    模块让我们能够有逻辑地组织Python代码段.把相关的代码分配到一个 模块里能让我们的代码更好用,更易懂. 导入模块 Python使用import语句导入模块.语法: # 形式一:导入模块 impor ...

  7. jQuery 怎么实现文字显示2s,消失0.5s,再显示2s,再消失0.5s,以此循环

    <div style="display: none;" id='divTestDisplay'>我要显示的文字</div> window.onload = ...

  8. idea中建立maven web项卡在Generating Project in Batch mode

    Maven命令执行到Generating Project in Batch mode 卡住,原因是网络带宽不足问题!需要下载一个约5.1M的xml文件. Maven一般命令:mvn archetype ...

  9. jquery 图片遮罩 坠落遮挡效果

    <!DOCTYPE html><html><head lang="en"> <meta charset="UTF-8" ...

  10. php 中数据类型

    总体划分 8 中 1基本类型(标量) 整型 int 整型的三种写法 <?php $n1 = 123; //10进制 $n2 = 0123; //8进制 $n3 = 0x123;//16进制 // ...