1. 首页
  2. 问答
  3. 通过https信任自签名证书

通过https信任自签名证书

2013-02-19 124 views
0

我知道互联网上有很多教程,但它们超出了我的知识范围,因为这是我第一次使用https。 我在这里用emmby的答案Trusting all certificates using HttpClient over HTTPS。但我不知道如何进一步实现在我连接到服务器的课上。 这里是我的HttpsConection类通过https信任自签名证书

Log.d("url", url.toString()); 
     HttpsURLConnection httpsConnection; 

     Log.d("HTTP get", "get() called"); 
     try 
     { 
      Log.v("HttpConnection", url.toString()); 
      httpsConnection = (HttpsURLConnection) url.openConnection(); 

      if (request != null) 
      { 
       OutputStreamWriter wr = new OutputStreamWriter(
         httpsConnection.getOutputStream()); 
       // Log.e(TAG, "created outputstream"); 

       wr.write(request); 
       // Log.e(TAG, "request sent"); 
       wr.flush(); 
       wr.close(); 
      } else 
      { 
       Log.e("HttpConnection", "Nothing to send to server"); 
      } 

      // Execute 
      try 
      { 

       InputStream in = new BufferedInputStream(httpsConnection 
         .getInputStream()); 
       responseString = convertStreamToString(in); 
       in.close();

的代码片段我有一个* .bks文件在我的资源/原材料文件夹,我被困在那里。

来源

2013-02-19 Bobans

回答

0

这是我自签名的HTTPS连接的代码,它工作正常,我:

 KeyStore trustStore; 
     try { 
      trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); 
      trustStore.load(null, null); 
      SSLSocketFactory sf = new EasySSLSocketFactory(trustStore); 
      sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); 
      BasicHttpParams params = new BasicHttpParams(); 
      HttpProtocolParams.setContentCharset(params, HTTP.UTF_8); 
      SchemeRegistry registry = new SchemeRegistry(); 
      registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80)); 
      registry.register(new Scheme("https", sf, 443)); 
      ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry); 
      DefaultHttpClient httpClient = new DefaultHttpClient(ccm, params); 
      HttpsURLConnection.setDefaultHostnameVerifier(sf.getHostnameVerifier()); 
      HttpGet getRequest = new HttpGet(url); 
      BasicHttpParams httpParameters = new BasicHttpParams(); 
      int timeoutConnection = 10000; 
      HttpConnectionParams.setConnectionTimeout(httpParameters, timeoutConnection); 
      int timeoutSocket = 15000; 
      HttpConnectionParams.setSoTimeout(httpParameters, timeoutSocket); 
      httpClient.setParams(httpParameters); 
      HttpResponse getResponse = httpClient.execute(getRequest); 
      final int statusCode = getResponse.getStatusLine().getStatusCode(); 
      if (statusCode != HttpStatus.SC_OK) 
      { 
       return null; 
      } 
      HttpEntity getResponseEntity = getResponse.getEntity(); 
      String content = EntityUtils.toString(getResponseEntity); 
      InputStream is = new ByteArrayInputStream(content.getBytes("UTF-8")); 
      return is; 
     } catch (KeyStoreException e1) { 
      e1.printStackTrace(); 
     } catch (ParseException e) { 
      e.printStackTrace(); 
     } catch (IOException e) { 
      e.printStackTrace(); 
     } catch (NoSuchAlgorithmException e) { 
      e.printStackTrace(); 
     } catch (CertificateException e) { 
      e.printStackTrace(); 
     } catch (KeyManagementException e) { 
      e.printStackTrace(); 
     } catch (UnrecoverableKeyException e) { 
      e.printStackTrace(); 
     } 
    return null;

来源

2013-02-19 14:13:56

+0

难道不是让所有的证书? – Bobans 2013-02-19 14:15:37

+0

是,由* sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)设置* – 2013-02-19 14:18:25

+0

对不起,但我想只允许一个证书。 – Bobans 2013-02-19 15:18:14

相关问题

 相关问题