OkHttp使用Https访问服务器时信任所有证书

http://blog.csdn.net/u013686019/article/details/52856389

OkHttp通过Https方式访问服务器时需要验证一些证书，如果证书有问题，网络访问失败，Log信息：

java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

为了避免在本地安装一连串证书的麻烦(尤其对于测试环境)，我们可以设置OkHttp，让它信任所有证书。

之前在网上进行了大量搜索，好不容易找到正确的设置方式，特此记录下。

1、实现X509TrustManager接口：

private static class TrustAllCerts implements X509TrustManager {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}

@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {}

@Override
public X509Certificate[] getAcceptedIssuers() {return new X509Certificate[0];}
}

2、实现HostnameVerifier接口：

private static class TrustAllHostnameVerifier implements HostnameVerifier {
@Override
public boolean verify(String hostname, SSLSession session) {
    return true;
}
}

private static SSLSocketFactory createSSLSocketFactory() {
SSLSocketFactory ssfFactory = null;

try {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null,  new TrustManager[] { new TrustAllCerts() }, new SecureRandom());

ssfFactory = sc.getSocketFactory();
} catch (Exception e) {
}

return ssfFactory;
}

3、OkHttp进行post实例：

public static void post(String url, String json, Callback callback) throws IOException {
try {
OkHttpClient.Builder mBuilder = new OkHttpClient.Builder();
mBuilder.sslSocketFactory(createSSLSocketFactory());
mBuilder.hostnameVerifier(new TrustAllHostnameVerifier());
OkHttpClient client = mBuilder.build();

RequestBody body = RequestBody.create(JSON, json);
Request request = new Request.Builder()
.url(url)
.post(body)
.build();
client.newCall(request).enqueue(callback);
} catch(Exception e) {
e.printStackTrace();
}
}

有时间研究下Https、证书相关。