Volley之https信任所有证书实现:

public class HttpsTrustManager implements X509TrustManager {

    private static TrustManager[] trustManagers;

    private static final X509Certificate[] _AcceptedIssuers = new X509Certificate[]{};

    @Override

    public void checkClientTrusted(

            java.security.cert.X509Certificate[] x509Certificates, String s)

            throws java.security.cert.CertificateException {

    }

    @Override

    public void checkServerTrusted(

            java.security.cert.X509Certificate[] x509Certificates, String s)

            throws java.security.cert.CertificateException {

    }

    public boolean isClientTrusted(X509Certificate[] chain) {

        return true;

    }

    public boolean isServerTrusted(X509Certificate[] chain) {

        return true;

    }

    @Override

    public X509Certificate[] getAcceptedIssuers() {

        return _AcceptedIssuers;

    }

    public static void allowAllSSL() {

        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {

            @Override

            public boolean verify(String arg0, SSLSession arg1) {

                return true;

            }

        });

        SSLContext context = null;

        if (trustManagers == null) {

            trustManagers = new TrustManager[]{new HttpsTrustManager()};

        }

        try {

            context = SSLContext.getInstance("TLS");

            context.init(null, trustManagers, new SecureRandom());

        } catch (NoSuchAlgorithmException e) {

            e.printStackTrace();

        } catch (KeyManagementException e) {

            e.printStackTrace();

        }

        HttpsURLConnection.setDefaultSSLSocketFactory(context

                .getSocketFactory());

    }

}

代码中调用方法如下:

HttpsTrustManager.allowAllSSL();//主要是这行实现信任所有证书的操作

String  tag_string_req = "string_req";

StringRequest strReq = new StringRequest(Request.Method.POST,

        your_https_url, new Response.Listener<String>() {

    @Override

    public void onResponse(String response) {

        Log.d(TAG, "response :"+response);

    }

}, new Response.ErrorListener() {

    @Override

    public void onErrorResponse(VolleyError error) {

        VolleyLog.d(TAG, "Error: " + error.getMessage());

    }

}){

    @Override

    protected Map<String, String> getParams() {

        Map<String, String> params = new HashMap<String, String>();

        params.put("username", "max");

        params.put("password", "123456");

        return params;

    }

};

AppController.getInstance().addToRequestQueue(strReq, tag_string_req);

信任指定的证书文件

HurlStack代码里面有如下方法:

 /**

     * @param urlRewriter Rewriter to use for request URLs

     * @param sslSocketFactory SSL factory to use for HTTPS connections

     * HurlStack这个类的构造大家就会发现其实volley可以支持https了,同样位于toolbox包下

     */

    public HurlStack(UrlRewriter urlRewriter, SSLSocketFactory sslSocketFactory) {

        mUrlRewriter = urlRewriter;

        mSslSocketFactory = sslSocketFactory;

    }
  /**

     * Opens an {@link HttpURLConnection} with parameters.

     * @param url

     * @return an open connection

     * @throws IOException

     */

    private HttpURLConnection openConnection(URL url, Request<?> request) throws IOException {

        HttpURLConnection connection = createConnection(url);

        int timeoutMs = request.getTimeoutMs();

        connection.setConnectTimeout(timeoutMs);

        connection.setReadTimeout(timeoutMs);

        connection.setUseCaches(false);

        connection.setDoInput(true);

        // use caller-provided custom SslSocketFactory, if any, for HTTPS

        if ("https".equals(url.getProtocol()) && mSslSocketFactory != null) {

            ((HttpsURLConnection)connection).setSSLSocketFactory(mSslSocketFactory);

        }

        return connection;

    }

在https协议的情况下,保证mSslSocketFactory 不为null,因此主要的问题是传进去sslSocketFactory这个参数。

stackoverflow上面有个产生这个内容的工具类:

private TrustManager[] getWrappedTrustManagers(TrustManager[] trustManagers) {

        final X509TrustManager originalTrustManager = (X509TrustManager) trustManagers[0];

        return new TrustManager[]{

                new X509TrustManager() {

                    public X509Certificate[] getAcceptedIssuers() {

                        return originalTrustManager.getAcceptedIssuers();

                    }

                    public void checkClientTrusted(X509Certificate[] certs, String authType) {

                        try {

                            originalTrustManager.checkClientTrusted(certs, authType);

                        } catch (CertificateException e) {

                            e.printStackTrace();

                        }

                    }

                    public void checkServerTrusted(X509Certificate[] certs, String authType) {

                        try {

                            originalTrustManager.checkServerTrusted(certs, authType);

                        } catch (CertificateException e) {

                            e.printStackTrace();

                        }

                    }

                }

        };

    }

private SSLSocketFactory getSSLSocketFactory_Certificate(String keyStoreType, int keystoreResId)

        throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException, KeyManagementException {

    CertificateFactory cf = CertificateFactory.getInstance("X.509");

    InputStream caInput = getResources().openRawResource(keystoreResId);

    Certificate ca = cf.generateCertificate(caInput);

    caInput.close();

    if (keyStoreType == null || keyStoreType.length() == 0) {

        keyStoreType = KeyStore.getDefaultType();

    }

    KeyStore keyStore = KeyStore.getInstance(keyStoreType);

    keyStore.load(null, null);

    keyStore.setCertificateEntry("ca", ca);

    String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();

    TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);

    tmf.init(keyStore);

    TrustManager[] wrappedTrustManagers = getWrappedTrustManagers(tmf.getTrustManagers());

    SSLContext sslContext = SSLContext.getInstance("TLS");

    sslContext.init(null, wrappedTrustManagers, null);

    return sslContext.getSocketFactory();

}

private SSLSocketFactory getSSLSocketFactory_KeyStore(String keyStoreType, int keystoreResId, String keyPassword)

            throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException, KeyManagementException {

        InputStream caInput = getResources().openRawResource(keystoreResId);

        // creating a KeyStore containing trusted CAs

        if (keyStoreType == null || keyStoreType.length() == 0) {

            keyStoreType = KeyStore.getDefaultType();

        }

        KeyStore keyStore = KeyStore.getInstance(keyStoreType);

        keyStore.load(caInput, keyPassword.toCharArray());

        // creating a TrustManager that trusts the CAs in the KeyStore

        String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();

        TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);

        tmf.init(keyStore);

        TrustManager[] wrappedTrustManagers = getWrappedTrustManagers(tmf.getTrustManagers());

        SSLContext sslContext = SSLContext.getInstance("TLS");

        sslContext.init(null, wrappedTrustManagers, null);

        return sslContext.getSocketFactory();

    }

调用后面两个,就能获取SSLSocketFactory 内容,使用如下:

SSLSocketFactory sslSocketFactory = getSSLSocketFactory_KeyStore("BKS", R.raw.androidbksv1, "123456789");

SSLSocketFactory sslSocketFactory = getSSLSocketFactory_Certificate("BKS", R.raw.androidbksv1_cert);

http://stackoverflow.com/questions/32154115/android-volley-self-signed-https-trust-anchor-for-certification-path-not-found

【第六篇】Volley之https相关的更多相关文章

  1. Python之路【第六篇】:socket

    Python之路[第六篇]:socket   Socket socket通常也称作"套接字",用于描述IP地址和端口,是一个通信链的句柄,应用程序通常通过"套接字&quo ...

  2. 一篇读懂HTTPS:加密原理、安全逻辑、数字证书等

    1.引言 HTTPS(全称: Hypertext Transfer Protocol Secure,超文本传输安全协议),是以安全为目标的HTTP通道,简单讲是HTTP的安全版.本文,就来深入介绍下其 ...

  3. 跟我学SpringCloud | 第六篇:Spring Cloud Config Github配置中心

    SpringCloud系列教程 | 第六篇:Spring Cloud Config Github配置中心 Springboot: 2.1.6.RELEASE SpringCloud: Greenwic ...

  4. 跟我学SpringCloud | 第十六篇:微服务利剑之APM平台(二)Pinpoint

    目录 SpringCloud系列教程 | 第十六篇:微服务利剑之APM平台(二)Pinpoint 1. Pinpoint概述 2. Pinpoint主要特性 3. Pinpoint优势 4. Pinp ...

  5. Android Https相关完全解析

    转载: 转载请标明出处: http://blog.csdn.net/lmj623565791/article/details/48129405: 本文出自:[张鸿洋的博客] 一.概述 其实这篇文章理论 ...

  6. Python之路【第十六篇】:Django【基础篇】

    Python之路[第十六篇]:Django[基础篇]   Python的WEB框架有Django.Tornado.Flask 等多种,Django相较与其他WEB框架其优势为:大而全,框架本身集成了O ...

  7. 第六篇 :微信公众平台开发实战Java版之如何自定义微信公众号菜单

    我们来了解一下 自定义菜单创建接口: http请求方式:POST(请使用https协议) https://api.weixin.qq.com/cgi-bin/menu/create?access_to ...

  8. 第六篇 SQL Server安全执行上下文和代码签名

    本篇文章是SQL Server安全系列的第六篇,详细内容请参考原文. SQL Server决定主体是否有必要的执行代码权限的根本途径是其执行上下文规则.这一切都可能复杂一个主体有执行代码的权限,但是却 ...

  9. Android Https相关完全解析 当OkHttp遇到Https

    一.概述 其实这篇文章理论上不限于okhttp去访问自签名的网站,不过接上篇博文了,就叫这个了.首先要了解的事,okhttp默认情况下是支持https协议的网站的,比如https://www.baid ...

随机推荐

  1. log4net 开箱即用

    废话少说,先上代码 log4net Demo 好的系统都有日志,log4net 是我在.net平台下用过最爽的日志库,简单易用.功能强大. 基于配置(配置很简单,一看就明,通用,拷去即用): 可同时保 ...

  2. C语言之进制

    进制 一种计数的方式.侧重点在于计数的时候是逢多少进一. 1)      C语言可以识别的进制 二进制 每一位. 0 0 1 0 0 1 1 0 1 0 1 0 0 1 0 1 1 0 在C语言中,写 ...

  3. 【微信开发】微信公众平台接入及绑定提示“请求URL超时”的解决办法

    成为微信开发者的第一步--微信公众平台接入 第一步:填写服务器配置 在开发->基本配置处启用服务器配置.修改配置 其中URL是开发者用来接收微信消息和事件的接口URL. Token可由开发者可以 ...

  4. [ios-必看] IOS调试技巧:当程序崩溃的时候怎么办 iphone IOS

    from:http://article.ityran.com/archives/1143 有这样一种情形:当我们正在快乐的致力于我们的app时,并且什么看都是无比顺利,但是突然,坑爹啊,它崩溃了.(悲 ...

  5. Java重写与重载之间的区别

    重写(Override) 重写是子类对父类的允许访问的方法的实现过程进行重新编写, 返回值和形参都不能改变.即外壳不变,核心重写! 重写的好处在于子类可以根据需要,定义特定于自己的行为. 也就是说子类 ...

  6. C#开发学习——存储过程

    举个例子: 带输入参数的存储过程计算班级中英语和数学不及格的人数      if(exists(select * from sys.objects where name='usp_GetFailCou ...

  7. Hibernate3 第二天

    Hibernate3 第二天 第一天回顾: 三个准备 创建数据库 准备po和hbm文件 准备灵魂文件hibernate.cfg.xml 七个步骤 1 加载配置文件Configuration 2 创建会 ...

  8. jquery开头

    jQuery(function(){});jQuery().ready(function(){}); 绑定点击事件: jQuery('#temp').click(function() {}); $(d ...

  9. 关于JAVA中split方法使用竖线异常的问题

    split表达式,其实就是一个正则表达式. *  ^ | 等符号在正则表达式中属于一种有特殊含义的字符,如果使用此种字符作为分隔符,必须使用转义符即\\加以转义.不然分割的结果就不是你想要的.

  10. Largest prime factor

    problem 3:Largest prime factor 题意:求600851475143的最大的质因数 代码如下: #ifndef PRO3_H_INCLUDED #define PRO3_H_ ...