Volley之https信任所有证书实现:

public class HttpsTrustManager implements X509TrustManager {

    private static TrustManager[] trustManagers;

    private static final X509Certificate[] _AcceptedIssuers = new X509Certificate[]{};

    @Override

    public void checkClientTrusted(

            java.security.cert.X509Certificate[] x509Certificates, String s)

            throws java.security.cert.CertificateException {

    }

    @Override

    public void checkServerTrusted(

            java.security.cert.X509Certificate[] x509Certificates, String s)

            throws java.security.cert.CertificateException {

    }

    public boolean isClientTrusted(X509Certificate[] chain) {

        return true;

    }

    public boolean isServerTrusted(X509Certificate[] chain) {

        return true;

    }

    @Override

    public X509Certificate[] getAcceptedIssuers() {

        return _AcceptedIssuers;

    }

    public static void allowAllSSL() {

        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {

            @Override

            public boolean verify(String arg0, SSLSession arg1) {

                return true;

            }

        });

        SSLContext context = null;

        if (trustManagers == null) {

            trustManagers = new TrustManager[]{new HttpsTrustManager()};

        }

        try {

            context = SSLContext.getInstance("TLS");

            context.init(null, trustManagers, new SecureRandom());

        } catch (NoSuchAlgorithmException e) {

            e.printStackTrace();

        } catch (KeyManagementException e) {

            e.printStackTrace();

        }

        HttpsURLConnection.setDefaultSSLSocketFactory(context

                .getSocketFactory());

    }

}

代码中调用方法如下:

HttpsTrustManager.allowAllSSL();//主要是这行实现信任所有证书的操作

String  tag_string_req = "string_req";

StringRequest strReq = new StringRequest(Request.Method.POST,

        your_https_url, new Response.Listener<String>() {

    @Override

    public void onResponse(String response) {

        Log.d(TAG, "response :"+response);

    }

}, new Response.ErrorListener() {

    @Override

    public void onErrorResponse(VolleyError error) {

        VolleyLog.d(TAG, "Error: " + error.getMessage());

    }

}){

    @Override

    protected Map<String, String> getParams() {

        Map<String, String> params = new HashMap<String, String>();

        params.put("username", "max");

        params.put("password", "123456");

        return params;

    }

};

AppController.getInstance().addToRequestQueue(strReq, tag_string_req);

信任指定的证书文件

HurlStack代码里面有如下方法:

 /**

     * @param urlRewriter Rewriter to use for request URLs

     * @param sslSocketFactory SSL factory to use for HTTPS connections

     * HurlStack这个类的构造大家就会发现其实volley可以支持https了,同样位于toolbox包下

     */

    public HurlStack(UrlRewriter urlRewriter, SSLSocketFactory sslSocketFactory) {

        mUrlRewriter = urlRewriter;

        mSslSocketFactory = sslSocketFactory;

    }
  /**

     * Opens an {@link HttpURLConnection} with parameters.

     * @param url

     * @return an open connection

     * @throws IOException

     */

    private HttpURLConnection openConnection(URL url, Request<?> request) throws IOException {

        HttpURLConnection connection = createConnection(url);

        int timeoutMs = request.getTimeoutMs();

        connection.setConnectTimeout(timeoutMs);

        connection.setReadTimeout(timeoutMs);

        connection.setUseCaches(false);

        connection.setDoInput(true);

        // use caller-provided custom SslSocketFactory, if any, for HTTPS

        if ("https".equals(url.getProtocol()) && mSslSocketFactory != null) {

            ((HttpsURLConnection)connection).setSSLSocketFactory(mSslSocketFactory);

        }

        return connection;

    }

在https协议的情况下,保证mSslSocketFactory 不为null,因此主要的问题是传进去sslSocketFactory这个参数。

stackoverflow上面有个产生这个内容的工具类:

private TrustManager[] getWrappedTrustManagers(TrustManager[] trustManagers) {

        final X509TrustManager originalTrustManager = (X509TrustManager) trustManagers[0];

        return new TrustManager[]{

                new X509TrustManager() {

                    public X509Certificate[] getAcceptedIssuers() {

                        return originalTrustManager.getAcceptedIssuers();

                    }

                    public void checkClientTrusted(X509Certificate[] certs, String authType) {

                        try {

                            originalTrustManager.checkClientTrusted(certs, authType);

                        } catch (CertificateException e) {

                            e.printStackTrace();

                        }

                    }

                    public void checkServerTrusted(X509Certificate[] certs, String authType) {

                        try {

                            originalTrustManager.checkServerTrusted(certs, authType);

                        } catch (CertificateException e) {

                            e.printStackTrace();

                        }

                    }

                }

        };

    }

private SSLSocketFactory getSSLSocketFactory_Certificate(String keyStoreType, int keystoreResId)

        throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException, KeyManagementException {

    CertificateFactory cf = CertificateFactory.getInstance("X.509");

    InputStream caInput = getResources().openRawResource(keystoreResId);

    Certificate ca = cf.generateCertificate(caInput);

    caInput.close();

    if (keyStoreType == null || keyStoreType.length() == 0) {

        keyStoreType = KeyStore.getDefaultType();

    }

    KeyStore keyStore = KeyStore.getInstance(keyStoreType);

    keyStore.load(null, null);

    keyStore.setCertificateEntry("ca", ca);

    String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();

    TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);

    tmf.init(keyStore);

    TrustManager[] wrappedTrustManagers = getWrappedTrustManagers(tmf.getTrustManagers());

    SSLContext sslContext = SSLContext.getInstance("TLS");

    sslContext.init(null, wrappedTrustManagers, null);

    return sslContext.getSocketFactory();

}

private SSLSocketFactory getSSLSocketFactory_KeyStore(String keyStoreType, int keystoreResId, String keyPassword)

            throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException, KeyManagementException {

        InputStream caInput = getResources().openRawResource(keystoreResId);

        // creating a KeyStore containing trusted CAs

        if (keyStoreType == null || keyStoreType.length() == 0) {

            keyStoreType = KeyStore.getDefaultType();

        }

        KeyStore keyStore = KeyStore.getInstance(keyStoreType);

        keyStore.load(caInput, keyPassword.toCharArray());

        // creating a TrustManager that trusts the CAs in the KeyStore

        String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();

        TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);

        tmf.init(keyStore);

        TrustManager[] wrappedTrustManagers = getWrappedTrustManagers(tmf.getTrustManagers());

        SSLContext sslContext = SSLContext.getInstance("TLS");

        sslContext.init(null, wrappedTrustManagers, null);

        return sslContext.getSocketFactory();

    }

调用后面两个,就能获取SSLSocketFactory 内容,使用如下:

SSLSocketFactory sslSocketFactory = getSSLSocketFactory_KeyStore("BKS", R.raw.androidbksv1, "123456789");

SSLSocketFactory sslSocketFactory = getSSLSocketFactory_Certificate("BKS", R.raw.androidbksv1_cert);

http://stackoverflow.com/questions/32154115/android-volley-self-signed-https-trust-anchor-for-certification-path-not-found

【第六篇】Volley之https相关的更多相关文章

  1. Python之路【第六篇】:socket

    Python之路[第六篇]:socket   Socket socket通常也称作"套接字",用于描述IP地址和端口,是一个通信链的句柄,应用程序通常通过"套接字&quo ...

  2. 一篇读懂HTTPS:加密原理、安全逻辑、数字证书等

    1.引言 HTTPS(全称: Hypertext Transfer Protocol Secure,超文本传输安全协议),是以安全为目标的HTTP通道,简单讲是HTTP的安全版.本文,就来深入介绍下其 ...

  3. 跟我学SpringCloud | 第六篇:Spring Cloud Config Github配置中心

    SpringCloud系列教程 | 第六篇:Spring Cloud Config Github配置中心 Springboot: 2.1.6.RELEASE SpringCloud: Greenwic ...

  4. 跟我学SpringCloud | 第十六篇:微服务利剑之APM平台(二)Pinpoint

    目录 SpringCloud系列教程 | 第十六篇:微服务利剑之APM平台(二)Pinpoint 1. Pinpoint概述 2. Pinpoint主要特性 3. Pinpoint优势 4. Pinp ...

  5. Android Https相关完全解析

    转载: 转载请标明出处: http://blog.csdn.net/lmj623565791/article/details/48129405: 本文出自:[张鸿洋的博客] 一.概述 其实这篇文章理论 ...

  6. Python之路【第十六篇】:Django【基础篇】

    Python之路[第十六篇]:Django[基础篇]   Python的WEB框架有Django.Tornado.Flask 等多种,Django相较与其他WEB框架其优势为:大而全,框架本身集成了O ...

  7. 第六篇 :微信公众平台开发实战Java版之如何自定义微信公众号菜单

    我们来了解一下 自定义菜单创建接口: http请求方式:POST(请使用https协议) https://api.weixin.qq.com/cgi-bin/menu/create?access_to ...

  8. 第六篇 SQL Server安全执行上下文和代码签名

    本篇文章是SQL Server安全系列的第六篇,详细内容请参考原文. SQL Server决定主体是否有必要的执行代码权限的根本途径是其执行上下文规则.这一切都可能复杂一个主体有执行代码的权限,但是却 ...

  9. Android Https相关完全解析 当OkHttp遇到Https

    一.概述 其实这篇文章理论上不限于okhttp去访问自签名的网站,不过接上篇博文了,就叫这个了.首先要了解的事,okhttp默认情况下是支持https协议的网站的,比如https://www.baid ...

随机推荐

  1. Java 使用httpclient Post与cxf 发布的Webservice通信

    使用cxf发布的webservice不知道什么情况总会有时管用有时不管用,对于项目来说这肯定不行.又不想改动webservice因为代码太多.人懒! 于是便使用httpclient与webservic ...

  2. IDEA导入maven项目的步骤

    其它的就不多说,直接开始咱们的步骤. 首先,你的装有IDEA,我的是IDEA15的,其次就是你的maven插件来,不过,这些基本的插件,IDEA里基本都给咱下载好了,你就可以直接配置maven.可以去 ...

  3. JS 脚本应该放在页面哪个位置 head body foot

    我们平时在页面上写JS 是放在头部<head>中呢 还是放到body 最下面 能更优化? 查了一番资料,推荐 放在页面底部如: <html> <head> < ...

  4. CodeForces 749D Leaving Auction

    二分查找,$set$. 对于某一次询问,如果把人删光了,那么输出$0$ $0$. 如果只剩下$1$个人,那么输出那个人喊的最低价格. 如果剩下的人数有大于等于两个, 这时最底下出现的情景必然是红色部分 ...

  5. C#中yield关键字理解

    yield关键字之前用得较少,但是在做项目开发的过程中也遇到了,当时有点迷惑,就顺便研究学习了一下,以下是个人理解,不到之处欢迎拍砖!废话就到这,上代码: class Program { static ...

  6. Spark-RDD/DataFrame/DateSet

    RDD 优点: 编译时类型安全编译时就能检查出类型错误 面向对象的编程风格直接通过类名点的方式来操作数据 缺点: 序列化和反序列化的性能开销无论是集群间的通信, 还是IO操作都需要对对象的结构和数据进 ...

  7. [UWP小白日记-12]使用新的Composition API来实现控件的阴影

    前言 看了好久官方的Windows UI Dev Labs示例好久才有点心得,真是头大.(其实是英语幼儿园水平(⊙﹏⊙)b) 真的网上关于这个API的资料可以说几乎没有. 正文 首先用这东西的添加WI ...

  8. 《我与Android不得不说的故事-1-立贴明志》

    产品需要迭代,人也一样,自我更新,才能不断进步,进军新领域,立贴明志. 顺便记录一下新路上的坑坑洼洼

  9. expressJS - 准备活动

    安装 nodeJS 1. package.json 2. CommonJS, AMD, ES6 3. Babel

  10. chap3 数组 #C

    4.1 数组的基本概念 4.1.1 要点归纳 一维数组 定义: int a[10]; 数组名是一个地址常量,不允许修改. 引用: 初始化: 静态数组 static int a[10];的初值? 全部赋 ...