Trusting all certificates over HTTPS in Volley:

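import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

// Trust-all implementation: both check methods are empty, so no certificate chain is ever rejected.
public class HttpsTrustManager implements X509TrustManager {

    private static TrustManager[] trustManagers;
    private static final X509Certificate[] _AcceptedIssuers = new X509Certificate[]{};

    @Override
    public void checkClientTrusted(X509Certificate[] x509Certificates, String s)
            throws CertificateException {
        // Intentionally empty: accepts any client certificate.
    }

    @Override
    public void checkServerTrusted(X509Certificate[] x509Certificates, String s)
            throws CertificateException {
        // Intentionally empty: accepts any server certificate.
    }

    public boolean isClientTrusted(X509Certificate[] chain) {
        return true;
    }

    public boolean isServerTrusted(X509Certificate[] chain) {
        return true;
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return _AcceptedIssuers;
    }

    // Installs the trust-all manager and an accept-all hostname verifier as
    // process-wide defaults for every HttpsURLConnection, not only Volley's.
    public static void allowAllSSL() {
        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
            @Override
            public boolean verify(String arg0, SSLSession arg1) {
                return true;
            }
        });
        if (trustManagers == null) {
            trustManagers = new TrustManager[]{new HttpsTrustManager()};
        }
        try {
            SSLContext context = SSLContext.getInstance("TLS");
            context.init(null, trustManagers, new SecureRandom());
            // Set inside the try block so a failed init cannot cause a NullPointerException.
            HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
        } catch (NoSuchAlgorithmException | KeyManagementException e) {
            e.printStackTrace();
        }
    }
}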

Call it from your code as follows:

HttpsTrustManager.allowAllSSL(); // this is the line that makes every certificate trusted
String tag_string_req = "string_req";
StringRequest strReq = new StringRequest(Request.Method.POST,
        your_https_url, new Response.Listener<String>() {
            @Override
            public void onResponse(String response) {
                Log.d(TAG, "response :" + response);
            }
        }, new Response.ErrorListener() {
            @Override
            public void onErrorResponse(VolleyError error) {
                VolleyLog.d(TAG, "Error: " + error.getMessage());
            }
        }) {
    @Override
    protected Map<String, String> getParams() {
        Map<String, String> params = new HashMap<String, String>();
        params.put("username", "max");
        params.put("password", "123456");
        return params;
    }
};
AppController.getInstance().addToRequestQueue(strReq, tag_string_req);

Trusting a specific certificate file

HurlStack contains the following methods:

/**
 * @param urlRewriter Rewriter to use for request URLs
 * @param sslSocketFactory SSL factory to use for HTTPS connections
 * Looking at this HurlStack constructor, you can see that Volley already
 * supports HTTPS; the class also lives in the toolbox package.
 */
public HurlStack(UrlRewriter urlRewriter, SSLSocketFactory sslSocketFactory) {
    mUrlRewriter = urlRewriter;
    mSslSocketFactory = sslSocketFactory;
}

/**
 * Opens an {@link HttpURLConnection} with parameters.
 * @param url
 * @return an open connection
 * @throws IOException
 */
private HttpURLConnection openConnection(URL url, Request<?> request) throws IOException {
    HttpURLConnection connection = createConnection(url);

    int timeoutMs = request.getTimeoutMs();
    connection.setConnectTimeout(timeoutMs);
    connection.setReadTimeout(timeoutMs);
    connection.setUseCaches(false);
    connection.setDoInput(true);

    // use caller-provided custom SslSocketFactory, if any, for HTTPS
    if ("https".equals(url.getProtocol()) && mSslSocketFactory != null) {
        ((HttpsURLConnection) connection).setSSLSocketFactory(mSslSocketFactory);
    }

    return connection;
}

For HTTPS URLs, mSslSocketFactory must be non-null, so the real task is passing in the sslSocketFactory argument.

Stack Overflow has a utility class that produces it:

private TrustManager[] getWrappedTrustManagers(TrustManager[] trustManagers) {
    final X509TrustManager originalTrustManager = (X509TrustManager) trustManagers[0];
    return new TrustManager[]{
        new X509TrustManager() {
            public X509Certificate[] getAcceptedIssuers() {
                return originalTrustManager.getAcceptedIssuers();
            }

            // A failed check must propagate. Catching and only printing the
            // CertificateException here would accept every chain, which is
            // the same as trusting all certificates.
            public void checkClientTrusted(X509Certificate[] certs, String authType)
                    throws CertificateException {
                originalTrustManager.checkClientTrusted(certs, authType);
            }

            public void checkServerTrusted(X509Certificate[] certs, String authType)
                    throws CertificateException {
                originalTrustManager.checkServerTrusted(certs, authType);
            }
        }
    };
}

// Builds a factory that trusts only the single certificate stored in the raw resource.
private SSLSocketFactory getSSLSocketFactory_Certificate(String keyStoreType, int keystoreResId)
        throws CertificateException, KeyStoreException, IOException,
        NoSuchAlgorithmException, KeyManagementException {

    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    InputStream caInput = getResources().openRawResource(keystoreResId);
    Certificate ca;
    try {
        ca = cf.generateCertificate(caInput);
    } finally {
        caInput.close();
    }

    if (keyStoreType == null || keyStoreType.length() == 0) {
        keyStoreType = KeyStore.getDefaultType();
    }
    KeyStore keyStore = KeyStore.getInstance(keyStoreType);
    keyStore.load(null, null);
    keyStore.setCertificateEntry("ca", ca);

    String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
    TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
    tmf.init(keyStore);

    TrustManager[] wrappedTrustManagers = getWrappedTrustManagers(tmf.getTrustManagers());

    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(null, wrappedTrustManagers, null);

    return sslContext.getSocketFactory();
}

// Builds a factory that trusts the CAs contained in a keystore file stored in the raw resource.
private SSLSocketFactory getSSLSocketFactory_KeyStore(String keyStoreType, int keystoreResId, String keyPassword)
        throws CertificateException, KeyStoreException, IOException,
        NoSuchAlgorithmException, KeyManagementException {

    InputStream caInput = getResources().openRawResource(keystoreResId);

    // creating a KeyStore containing trusted CAs
    if (keyStoreType == null || keyStoreType.length() == 0) {
        keyStoreType = KeyStore.getDefaultType();
    }
    KeyStore keyStore = KeyStore.getInstance(keyStoreType);
    try {
        keyStore.load(caInput, keyPassword.toCharArray());
    } finally {
        caInput.close();
    }

    // creating a TrustManager that trusts the CAs in the KeyStore
    String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
    TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
    tmf.init(keyStore);

    TrustManager[] wrappedTrustManagers = getWrappedTrustManagers(tmf.getTrustManagers());

    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(null, wrappedTrustManagers, null);

    return sslContext.getSocketFactory();
}

Calling either of the last two methods returns an SSLSocketFactory. Usage:

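// From a BKS keystore file (use one of the two calls, not both):
SSLSocketFactory sslSocketFactory = getSSLSocketFactory_KeyStore("BKS", R.raw.androidbksv1, "123456789");
// Or from a single certificate file:
// SSLSocketFactory sslSocketFactory = getSSLSocketFactory_Certificate("BKS", R.raw.androidbksv1_cert);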

http://stackoverflow.com/questions/32154115/android-volley-self-signed-https-trust-anchor-for-certification-path-not-found
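An added example (not from the original post, the Stack Overflow answer, or Volley's source) that passes a certificate-pinned SSLSocketFactory to one Volley RequestQueue through the HurlStack constructor shown above, rather than changing the process-wide HttpsURLConnection defaults. The class name PinnedVolley and the resource id passed in are hypothetical; the raw resource is assumed to hold a single X.509 certificate.

```java
import android.content.Context;
import com.android.volley.RequestQueue;
import com.android.volley.toolbox.HurlStack;
import com.android.volley.toolbox.Volley;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical helper class, not part of Volley.
public final class PinnedVolley {
    private PinnedVolley() {}

    // Builds a factory whose only trust anchor is the certificate in caResId.
    static SSLSocketFactory pinnedFactory(Context ctx, int caResId)
            throws GeneralSecurityException, IOException {
        Certificate ca;
        try (InputStream in = ctx.getResources().openRawResource(caResId)) {
            ca = CertificateFactory.getInstance("X.509").generateCertificate(in);
        }
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, null);               // empty in-memory keystore
        ks.setCertificateEntry("ca", ca);

        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);

        // The platform trust managers are used unwrapped: a chain that does not
        // lead to `ca` throws CertificateException and the handshake fails.
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, tmf.getTrustManagers(), null);
        return sslContext.getSocketFactory();
    }

    // Only requests added to the returned queue use the pinned factory;
    // other HttpsURLConnection users keep the system trust store.
    // Example call (resource name is an assumption): PinnedVolley.newQueue(this, R.raw.my_ca)
    public static RequestQueue newQueue(Context ctx, int caResId)
            throws GeneralSecurityException, IOException {
        HurlStack stack = new HurlStack(null, pinnedFactory(ctx, caResId));
        return Volley.newRequestQueue(ctx.getApplicationContext(), stack);
    }
}
```

If HttpsTrustManager.allowAllSSL() has been called anywhere in the process, its accept-all hostname verifier remains the default for these connections too, so the two approaches should not be combined.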
