android webview & httpclient 处理 ssl （https）验证

1. webview SSL 验证

@Override

public void onReceivedSslError(WebView view, SslErrorHandler handler,

SslError error) {

super.onReceivedSslError(view, handler, error);

//handler.cancel(); 默认的处理方式，WebView变成空白页

//handleMessage(Message msg); 其他处理

handler.proceed();

}

2. httpclient SSL 验证

private static HttpClient getNewHttpClient() {

// return an HttpClient configured to accept All SSL Certificates

try {

HttpParams params = new BasicHttpParams();

HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);

HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);

SchemeRegistry registry = new SchemeRegistry();

registry.register(new Scheme("http", PlainSocketFactory

.getSocketFactory(), 80));

registry.register(new Scheme("https", MySslSocketFactory

.getSSLSocketFactory(), 443));

ClientConnectionManager ccm = new ThreadSafeClientConnManager(

params, registry);

// HttpClient httpClient = new

// org.apache.http.impl.client.ContentEncodingHttpClient(ccm,

// params); // throws EOFException in 4.1.1 (fixed in 4.1.2 ?)

DefaultHttpClient httpClient = new DefaultHttpClient(ccm, params);

// httpClient.addResponseInterceptor(new

// GzipHttpResponseInterceptor());

return httpClient;

} catch (IOException e) {

AppUtils.LogD("Couldnt set up SSL properly");

return new DefaultHttpClient();

}

}

其中 类MySslSocketFactory

import java.io.IOException;

import java.net.Socket;

import java.net.UnknownHostException;

import java.security.KeyManagementException;

import java.security.KeyStore;

import java.security.KeyStoreException;

import java.security.NoSuchAlgorithmException;

import java.security.UnrecoverableKeyException;

import java.security.cert.CertificateException;

import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;

import javax.net.ssl.TrustManager;

import javax.net.ssl.X509TrustManager;

import org.apache.http.conn.ssl.SSLSocketFactory;

public class MySslSocketFactory extends SSLSocketFactory

{

private static MySslSocketFactory instance;

private final SSLContext sslContext = SSLContext.getInstance("TLS");

public static MySslSocketFactory getSSLSocketFactory() throws IOException

{

if (instance == null)

{

try

{

KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());

trustStore.load(null, null);

instance = new MySslSocketFactory(trustStore);

instance.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

}

catch (CertificateException e)

{

throw new IOException("Couldnt set up SSL properly", e);

}

catch (KeyStoreException e)

{

throw new IOException("Couldnt set up SSL properly", e);

}

catch (NoSuchAlgorithmException e)

{

throw new IOException("Couldnt set up SSL properly", e);

}

catch (KeyManagementException e)

{

throw new IOException("Couldnt set up SSL properly", e);

}

catch (UnrecoverableKeyException e)

{

throw new IOException("Couldnt set up SSL properly", e);

}

}

return instance;

}

private MySslSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException

{

super(truststore);

TrustManager tm = new X509TrustManager()

{

public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException

{

// accept

}

public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException

{

// accept

}

public X509Certificate[] getAcceptedIssuers()

{

return null;

}

};

sslContext.init(null, new TrustManager[] { tm }, null);

}

@Override

public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException

{

return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose);

}

@Override

public Socket createSocket() throws IOException

{

return sslContext.getSocketFactory().createSocket();

}

}