react-native https自签证书（android&ios）

一、Android

在\项目\node_modules\react-native\ReactAndroid\src\main\java\com\facebook\react\modules\network下，

一、添加HTTPSTrustManager.java文件：

package com.facebook.react.modules.network;

import java.io.IOException;

import java.io.InputStream;

import java.security.KeyManagementException;

import java.security.KeyStore;

import java.security.KeyStoreException;

import java.security.NoSuchAlgorithmException;

import java.security.SecureRandom;

import java.security.cert.Certificate;

import java.security.cert.CertificateException;

import java.security.cert.CertificateFactory;

import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;

import javax.net.ssl.SSLSocketFactory;

import javax.net.ssl.TrustManager;

import javax.net.ssl.TrustManagerFactory;

import javax.net.ssl.X509TrustManager;

/** * Created by eyow on 2016/5/25. * * @添加HTTPS信任 */

public class HTTPSTrustManager implements X509TrustManager {

private static final X509Certificate[] _AcceptedIssuers

= new X509Certificate[] {};

@Override

public void checkClientTrusted(X509Certificate[] x509Certificates, String s)

throws CertificateException {

// To change body of implemented methods use File | Settings | File

// Templates.

}

@Override

public void checkServerTrusted(X509Certificate[] x509Certificates, String s)

        throws CertificateException {

// To change body of implemented methods use File | Settings | File

// Templates.

}

@Override

public X509Certificate[] getAcceptedIssuers() {

return null;

}

public static SSLSocketFactory allowAllSSLSocketFactory() {

SSLSocketFactory sslSocketFactory = null;

try {

SSLContext sc= SSLContext.getInstance("TLS");

sc.init(null, new TrustManager[] { new X509TrustManager() {

@Override

public void checkClientTrusted(X509Certificate[] chain, String authType)

throws CertificateException {

}

@Override

public void checkServerTrusted(X509Certificate[] chain, String authType)

throws CertificateException {

}

@Override

public X509Certificate[] getAcceptedIssuers() {

return _AcceptedIssuers;

}

} }, new SecureRandom());

sslSocketFactory = sc.getSocketFactory();

}catch (NoSuchAlgorithmException e) {

e.printStackTrace();

} catch (KeyManagementException e) {

e.printStackTrace();

}

return sslSocketFactory;

}

public static SSLSocketFactory buildSSLSocketFactory(InputStream inputStream) {

KeyStore keyStore = null;

try {

keyStore = buildKeyStore(inputStream);

} catch (KeyStoreException e) {

e.printStackTrace();

} catch (CertificateException e) {

e.printStackTrace();

} catch (NoSuchAlgorithmException e) {

e.printStackTrace();

} catch (IOException e) {

e.printStackTrace();

}

String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();

TrustManagerFactory tmf = null;

try {

tmf = TrustManagerFactory.getInstance(tmfAlgorithm);

tmf.init(keyStore);

} catch (NoSuchAlgorithmException e) {

e.printStackTrace();

} catch (KeyStoreException e) {

e.printStackTrace();

}

SSLContext sslContext = null;

try {

sslContext = SSLContext.getInstance("TLS");

} catch (NoSuchAlgorithmException e) {

e.printStackTrace();

}

try {

sslContext.init(null, tmf.getTrustManagers(), null);

} catch (KeyManagementException e) {

e.printStackTrace();

}

return sslContext.getSocketFactory();

}

private static KeyStore buildKeyStore(InputStream inputStream)

throws KeyStoreException, CertificateException,

NoSuchAlgorithmException, IOException {

String keyStoreType = KeyStore.getDefaultType();

KeyStore keyStore = KeyStore.getInstance(keyStoreType);

keyStore.load(null, null);

Certificate cert = readCert(inputStream);

keyStore.setCertificateEntry("ca", cert);

return keyStore;

}

private static Certificate readCert(InputStream inputStream) {

Certificate ca = null;

try {

CertificateFactory cf = CertificateFactory.getInstance("X.509");

ca = cf.generateCertificate(inputStream);

} catch (CertificateException e) {

e.printStackTrace();

}

return ca;

}

}

二、修改OkHttpClientProvider.java文件:

1、导入SSL相关包：

import javax.net.ssl.HostnameVerifier;

import javax.net.ssl.SSLSocketFactory;

import javax.net.ssl.SSLSession;

2、声明SSLSocketFactory

private static SSLSocketFactory sslSocketFactory;

3、修改 OkHttpClient.Builder代码

public static OkHttpClient.Builder createClientBuilder() {

if (sslSocketFactory == null) {//要添加的代码

sslSocketFactory = HTTPSTrustManager.allowAllSSLSocketFactory();

}

// No timeouts by default

OkHttpClient.Builder client = new OkHttpClient.Builder()

.hostnameVerifier(new HostnameVerifier() {//要添加的代码

public boolean verify(String hostname, SSLSession session) { return true;

}})

.sslSocketFactory(sslSocketFactory)

.connectTimeout(0, TimeUnit.MILLISECONDS)

.readTimeout(0, TimeUnit.MILLISECONDS)

.writeTimeout(0, TimeUnit.MILLISECONDS)

.cookieJar(new ReactCookieJarContainer());

try {

Class ConscryptProvider = Class.forName("org.conscrypt.OpenSSLProvider");

Security.insertProviderAt( (Provider) ConscryptProvider.newInstance(), 1);

return client;

} catch (Exception e) {

return enableTls12OnPreLollipop(client);

}}

二、ios

iOS端，通过查看fetch源码，在追踪到iOS代码发现其实fetch最后都是走的Native，在Liabraries->RCTNetwork中，具体代码

- (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler { completionHandler(NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]); }