招商银行支付时WebView无法加载证书
2015-10-10 18:33
387 查看
错误信息:
10-10 18:24:56.205: E/MyWebViewClient(3823): sslerror = primary error: 3 certificate: Issued to: CN=netpay.cmbchina.com,O=��D��O����N��O��T����T��R��U��S��T,OU=Created by http://www.fiddler2.com;
10-10 18:24:56.205: E/MyWebViewClient(3823): Issued by: CN=��D��O����N��O��T����T��R��U��S��T����F��i��d��d��l��e��r��R��o��o��t,O=��D��O����N��O��T��_��T��R��U��S��T,OU=Created by http://www.fiddler2.com;
解决方法:调用SslErrorHandler 中的proceed()方法
handler.proceed(); 作用就是继续让请求进行认证,返回解雇。
再去看下WebViewClient的源码: 主要看onReceivedSslError方法,默认调用handler.cancel();取消请求
再看下onReceivedClientCertRequest方法,默认也是调用request.cancel();取消请求
请求都取消了,所以不再有后续的认证,也就不会有返回结果。
request是这个类ClientCertRequest的对象,再去这个里面看看
该类有一个方法:根据指定的私钥和证书进行认证。
10-10 18:24:56.205: E/MyWebViewClient(3823): sslerror = primary error: 3 certificate: Issued to: CN=netpay.cmbchina.com,O=��D��O����N��O��T����T��R��U��S��T,OU=Created by http://www.fiddler2.com;
10-10 18:24:56.205: E/MyWebViewClient(3823): Issued by: CN=��D��O����N��O��T����T��R��U��S��T����F��i��d��d��l��e��r��R��o��o��t,O=��D��O����N��O��T��_��T��R��U��S��T,OU=Created by http://www.fiddler2.com;
解决方法:调用SslErrorHandler 中的proceed()方法
class MyWebViewClient extends WebViewClient { @Override public void onReceivedError(WebView view, int errorCode, String description, String failingUrl) { ToastInfo("Oh no! " + description); super.onReceivedError(view, errorCode, description, failingUrl); } @Override public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) { ToastInfo(error.toString());//ssl错误信息 handler.proceed();// 没办法的时候看到这么一个方法,继续进行ssl的认证,就测试了一把,竟然可以。。。 LogUtil.LogE("MyWebViewClient", "sslerror = "+ error.toString()); super.onReceivedSslError(view, handler, error); } // The URL scheme should be non-hierarchical (no trailing slashes) private static final String APP_SCHEME = "example-app:"; @Override public boolean shouldOverrideUrlLoading(WebView view, String url) { if(url.startsWith("http:")||url.startsWith("https:")){ // 为了继续在WebView中显示,需要重写shouldOverrideUrlLoading方法 view.loadUrl(url); return true; }else{ return false; } } public void onPageFinished(WebView view, String url) { cancelProgressDialog(); // proDialog.dismiss(); } }
handler.proceed(); 作用就是继续让请求进行认证,返回解雇。
再去看下WebViewClient的源码: 主要看onReceivedSslError方法,默认调用handler.cancel();取消请求
再看下onReceivedClientCertRequest方法,默认也是调用request.cancel();取消请求
请求都取消了,所以不再有后续的认证,也就不会有返回结果。
request是这个类ClientCertRequest的对象,再去这个里面看看
该类有一个方法:根据指定的私钥和证书进行认证。
/** * Proceed with the specified private key and client certificate chain. * Remember the user's positive choice and use it for future requests. */ public abstract void proceed(PrivateKey privateKey, X509Certificate[] chain);
package android.webkit; import android.graphics.Bitmap; import android.net.http.SslError; import android.os.Message; import android.view.InputEvent; import android.view.KeyEvent; import android.view.ViewRootImpl; import java.security.Principal; public class WebViewClient { /** * Give the host application a chance to take over the control when a new * url is about to be loaded in the current WebView. If WebViewClient is not * provided, by default WebView will ask Activity Manager to choose the * proper handler for the url. If WebViewClient is provided, return true * means the host application handles the url, while return false means the * current WebView handles the url. * This method is not called for requests using the POST "method". * * @param view The WebView that is initiating the callback. * @param url The url to be loaded. * @return True if the host application wants to leave the current WebView * and handle the url itself, otherwise return false. */ public boolean shouldOverrideUrlLoading(WebView view, String url) { return false; } /** * Notify the host application that a page has started loading. This method * is called once for each main frame load so a page with iframes or * framesets will call onPageStarted one time for the main frame. This also * means that onPageStarted will not be called when the contents of an * embedded frame changes, i.e. clicking a link whose target is an iframe. * * @param view The WebView that is initiating the callback. * @param url The url to be loaded. * @param favicon The favicon for this page if it already exists in the * database. */ public void onPageStarted(WebView view, String url, Bitmap favicon) { } /** * Notify the host application that a page has finished loading. This method * is called only for main frame. When onPageFinished() is called, the * rendering picture may not be updated yet. To get the notification for the * new Picture, use {@link WebView.PictureListener#onNewPicture}. * * @param view The WebView that is initiating the callback. * @param url The url of the page. */ public void onPageFinished(WebView view, String url) { } /** * Notify the host application that the WebView will load the resource * specified by the given url. * * @param view The WebView that is initiating the callback. * @param url The url of the resource the WebView will load. */ public void onLoadResource(WebView view, String url) { } /** * Notify the host application of a resource request and allow the * application to return the data. If the return value is null, the WebView * will continue to load the resource as usual. Otherwise, the return * response and data will be used. NOTE: This method is called on a thread * other than the UI thread so clients should exercise caution * when accessing private data or the view system. * * @param view The {@link android.webkit.WebView} that is requesting the * resource. * @param url The raw url of the resource. * @return A {@link android.webkit.WebResourceResponse} containing the * response information or null if the WebView should load the * resource itself. * @deprecated Use {@link #shouldInterceptRequest(WebView, WebResourceRequest) * shouldInterceptRequest(WebView, WebResourceRequest)} instead. */ @Deprecated public WebResourceResponse shouldInterceptRequest(WebView view, String url) { return null; } /** * Notify the host application of a resource request and allow the * application to return the data. If the return value is null, the WebView * will continue to load the resource as usual. Otherwise, the return * response and data will be used. NOTE: This method is called on a thread * other than the UI thread so clients should exercise caution * when accessing private data or the view system. * * @param view The {@link android.webkit.WebView} that is requesting the * resource. * @param request Object containing the details of the request. * @return A {@link android.webkit.WebResourceResponse} containing the * response information or null if the WebView should load the * resource itself. */ public WebResourceResponse shouldInterceptRequest(WebView view, WebResourceRequest request) { return shouldInterceptRequest(view, request.getUrl().toString()); } /** * Notify the host application that there have been an excessive number of * HTTP redirects. As the host application if it would like to continue * trying to load the resource. The default behavior is to send the cancel * message. * * @param view The WebView that is initiating the callback. * @param cancelMsg The message to send if the host wants to cancel * @param continueMsg The message to send if the host wants to continue * @deprecated This method is no longer called. When the WebView encounters * a redirect loop, it will cancel the load. */ @Deprecated public void onTooManyRedirects(WebView view, Message cancelMsg, Message continueMsg) { cancelMsg.sendToTarget(); } // These ints must match up to the hidden values in EventHandler. /** Generic error */ public static final int ERROR_UNKNOWN = -1; /** Server or proxy hostname lookup failed */ public static final int ERROR_HOST_LOOKUP = -2; /** Unsupported authentication scheme (not basic or digest) */ public static final int ERROR_UNSUPPORTED_AUTH_SCHEME = -3; /** User authentication failed on server */ public static final int ERROR_AUTHENTICATION = -4; /** User authentication failed on proxy */ public static final int ERROR_PROXY_AUTHENTICATION = -5; /** Failed to connect to the server */ public static final int ERROR_CONNECT = -6; /** Failed to read or write to the server */ public static final int ERROR_IO = -7; /** Connection timed out */ public static final int ERROR_TIMEOUT = -8; /** Too many redirects */ public static final int ERROR_REDIRECT_LOOP = -9; /** Unsupported URI scheme */ public static final int ERROR_UNSUPPORTED_SCHEME = -10; /** Failed to perform SSL handshake */ public static final int ERROR_FAILED_SSL_HANDSHAKE = -11; /** Malformed URL */ public static final int ERROR_BAD_URL = -12; /** Generic file error */ public static final int ERROR_FILE = -13; /** File not found */ public static final int ERROR_FILE_NOT_FOUND = -14; /** Too many requests during this load */ public static final int ERROR_TOO_MANY_REQUESTS = -15; /** * Report an error to the host application. These errors are unrecoverable * (i.e. the main resource is unavailable). The errorCode parameter * corresponds to one of the ERROR_* constants. * @param view The WebView that is initiating the callback. * @param errorCode The error code corresponding to an ERROR_* value. * @param description A String describing the error. * @param failingUrl The url that failed to load. */ public void onReceivedError(WebView view, int errorCode, String description, String failingUrl) { } /** * As the host application if the browser should resend data as the * requested page was a result of a POST. The default is to not resend the * data. * * @param view The WebView that is initiating the callback. * @param dontResend The message to send if the browser should not resend * @param resend The message to send if the browser should resend data */ public void onFormResubmission(WebView view, Message dontResend, Message resend) { dontResend.sendToTarget(); } /** * Notify the host application to update its visited links database. * * @param view The WebView that is initiating the callback. * @param url The url being visited. * @param isReload True if this url is being reloaded. */ public void doUpdateVisitedHistory(WebView view, String url, boolean isReload) { } /** * Notify the host application that an SSL error occurred while loading a * resource. The host application must call either handler.cancel() or * handler.proceed(). Note that the decision may be retained for use in * response to future SSL errors. The default behavior is to cancel the * load. * * @param view The WebView that is initiating the callback. * @param handler An SslErrorHandler object that will handle the user's * response. * @param error The SSL error object. */ public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) { handler.cancel(); } /** * Notify the host application to handle a SSL client certificate * request. The host application is responsible for showing the UI * if desired and providing the keys. There are three ways to * respond: proceed(), cancel() or ignore(). Webview remembers the * response if proceed() or cancel() is called and does not * call onReceivedClientCertRequest() again for the same host and port * pair. Webview does not remember the response if ignore() is called. * * This method is called on the UI thread. During the callback, the * connection is suspended. * * The default behavior is to cancel, returning no client certificate. * * @param view The WebView that is initiating the callback * @param request An instance of a {@link ClientCertRequest} * */ public void onReceivedClientCertRequest(WebView view, ClientCertRequest request) { request.cancel(); } /** * Notifies the host application that the WebView received an HTTP * authentication request. The host application can use the supplied * {@link HttpAuthHandler} to set the WebView's response to the request. * The default behavior is to cancel the request. * * @param view the WebView that is initiating the callback * @param handler the HttpAuthHandler used to set the WebView's response * @param host the host requiring authentication * @param realm the realm for which authentication is required * @see WebView#getHttpAuthUsernamePassword */ public void onReceivedHttpAuthRequest(WebView view, HttpAuthHandler handler, String host, String realm) { handler.cancel(); } /** * Give the host application a chance to handle the key event synchronously. * e.g. menu shortcut key events need to be filtered this way. If return * true, WebView will not handle the key event. If return false, WebView * will always handle the key event, so none of the super in the view chain * will see the key event. The default behavior returns false. * * @param view The WebView that is initiating the callback. * @param event The key event. * @return True if the host application wants to handle the key event * itself, otherwise return false */ public boolean shouldOverrideKeyEvent(WebView view, KeyEvent event) { return false; } /** * Notify the host application that a key was not handled by the WebView. * Except system keys, WebView always consumes the keys in the normal flow * or if shouldOverrideKeyEvent returns true. This is called asynchronously * from where the key is dispatched. It gives the host application a chance * to handle the unhandled key events. * * @param view The WebView that is initiating the callback. * @param event The key event. * @deprecated This method is subsumed by the more generic onUnhandledInputEvent. */ @Deprecated public void onUnhandledKeyEvent(WebView view, KeyEvent event) { onUnhandledInputEventInternal(view, event); } /** * Notify the host application that a input event was not handled by the WebView. * Except system keys, WebView always consumes input events in the normal flow * or if shouldOverrideKeyEvent returns true. This is called asynchronously * from where the event is dispatched. It gives the host application a chance * to handle the unhandled input events. * * Note that if the event is a {@link android.view.MotionEvent}, then it's lifetime is only * that of the function call. If the WebViewClient wishes to use the event beyond that, then it * <i>must</i> create a copy of the event. * * It is the responsibility of overriders of this method to call * {@link #onUnhandledKeyEvent(WebView, KeyEvent)} * when appropriate if they wish to continue receiving events through it. * * @param view The WebView that is initiating the callback. * @param event The input event. */ public void onUnhandledInputEvent(WebView view, InputEvent event) { if (event instanceof KeyEvent) { onUnhandledKeyEvent(view, (KeyEvent) event); return; } onUnhandledInputEventInternal(view, event); } private void onUnhandledInputEventInternal(WebView view, InputEvent event) { ViewRootImpl root = view.getViewRootImpl(); if (root != null) { root.dispatchUnhandledInputEvent(event); } } /** * Notify the host application that the scale applied to the WebView has * changed. * * @param view he WebView that is initiating the callback. * @param oldScale The old scale factor * @param newScale The new scale factor */ public void onScaleChanged(WebView view, float oldScale, float newScale) { } /** * Notify the host application that a request to automatically log in the * user has been processed. * @param view The WebView requesting the login. * @param realm The account realm used to look up accounts. * @param account An optional account. If not null, the account should be * checked against accounts on the device. If it is a valid * account, it should be used to log in the user. * @param args Authenticator specific arguments used to log in the user. */ public void onReceivedLoginRequest(WebView view, String realm, String account, String args) { } }
相关文章推荐
- 使用C++实现JNI接口需要注意的事项
- Android IPC进程间通讯机制
- Android Manifest 用法
- [转载]Activity中ConfigChanges属性的用法
- Android之获取手机上的图片和视频缩略图thumbnails
- Android之使用Http协议实现文件上传功能
- Android学习笔记(二九):嵌入浏览器
- android string.xml文件中的整型和string型代替
- i-jetty环境搭配与编译
- android之定时器AlarmManager
- android wifi 无线调试
- Android Native 绘图方法
- Android java 与 javascript互访(相互调用)的方法例子
- android 代码实现控件之间的间距
- android FragmentPagerAdapter的“标准”配置
- Android"解决"onTouch和onClick的冲突问题
- android:installLocation简析
- android searchView的关闭事件
- SourceProvider.getJniDirectories