您的位置：首页 > 理论基础 > 计算机网络

使用okhttp忽略https的证书认证

2017-11-04 15:01 537 查看

此处是忽略认证，如果想做合法安全的小伙伴可以看，鸿洋大神的文章http://blog.csdn.net/lmj623565791/article/details/48129405

这个，不知道怎么说，直接上代码好了，干了，全都在代码里

public class HttpUtil {
private static HttpUtil mHttpUtil;
private static final int IIME_OUT = 6;
OkHttpClient mClient;

private HttpUtil() {
OkHttpClient.Builder mBuilder = new OkHttpClient.Builder();
mBuilder.sslSocketFactory(createSSLSocketFactory());
mBuilder.hostnameVerifier(new TrustAllHostnameVerifier());
mBuilder.build();
mClient = mBuilder.build();
}

public static HttpUtil getInstance() {
if (mHttpUtil == null) {
synchronized (HttpUtil.class) {
if (mHttpUtil == null) {
mHttpUtil = new HttpUtil();
}
}
}
return mHttpUtil;
}

/**
* 默认信任所有的证书
* TODO 最好加上证书认证，主流App都有自己的证书
*
* @return
*/
@SuppressLint("TrulyRandom")
private static SSLSocketFactory createSSLSocketFactory() {

SSLSocketFactory sSLSocketFactory = null;

try {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, new TrustManager[]{new TrustAllManager()},
new SecureRandom());
sSLSocketFactory = sc.getSocketFactory();
} catch (Exception e) {
}

return sSLSocketFactory;
}

private static class TrustAllManager implements X509TrustManager {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
}

@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)

throws CertificateException {
}

@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}

private static class TrustAllHostnameVerifier implements HostnameVerifier
8d4e
{
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
}

}

内容来自用户分享和网络整理，不保证内容的准确性，如有侵权内容，可联系管理员处理

标签：

相关文章推荐

新的分享

章节导航