android Retrofit 使用 HTTPS

   创建 OkHttpClient 配置基本信息
private static OkHttpClient okHttpClient = new OkHttpClient.Builder()
        .writeTimeout(TIMEOUT, TimeUnit.SECONDS)
        //配置SSlSocketFactory
        .sslSocketFactory(SSLSocketFactoryUtils.createSSLSocketFactory())
        .readTimeout(TIMEOUT, TimeUnit.SECONDS)
        .addInterceptor(logInterceptor())
        .build();

默认添加所有证书

/*
 * 默认信任所有的证书
  * */
public static SSLSocketFactory createSSLSocketFactory() {
    SSLSocketFactory sslSocketFactory = null;
    try {
        SSLContext sslContext = SSLContext.getInstance("SSL");
        sslContext.init(null, new TrustManager[]{createTrustAllManager()}, new SecureRandom());
        sslSocketFactory = sslContext.getSocketFactory();
    } catch (Exception e) {

    }
    return sslSocketFactory;
}
public static X509TrustManager createTrustAllManager() {
    X509TrustManager tm = null;
    try {

        tm =   new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] chain, String authType)
                    throws CertificateException {
                //do nothing,接受任意客户端证书
            }

            public void checkServerTrusted(X509Certificate[] chain, String authType)
                    throws CertificateException {
                //do nothing,接受任意服务端证书
            }

            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        };
        InputStream trustStream = Constant.context.getResources().openRawResource(R.raw.tcggscapi);
        testReadX509CerFile(trustStream);
    } catch (Exception e) {

    }
    return tm;
}
到此为止就可以访问 Https

添加访问特定证书

public static SSLSocketFactory createSSLSocketFactory(Context context, int keyServerStroreID) {
    SSLSocketFactory mSSLSocketFactory = null;
    if(mSSLSocketFactory==null){
        synchronized (SSLSocketFactoryUtils.class) {
            if(mSSLSocketFactory==null){

                InputStream trustStream = context.getResources().openRawResource(keyServerStroreID);
                SSLContext sslContext;
                try {
                    sslContext = SSLContext.getInstance("SSL");
                } catch (NoSuchAlgorithmException e) {
                    Log.e("httpDebug","createSingleSSLSocketFactory",e);
                    return null;
                }
                //获得服务器端证书
                TrustManager[] turstManager = getTurstManager(trustStream);

                //初始化ssl证书库
                try {
                    sslContext.init(null,turstManager,new SecureRandom());
                } catch (KeyManagementException e) {
                    Log.e("httpDebug","createSingleSSLSocketFactory",e);
                }

                //获得sslSocketFactory
                mSSLSocketFactory=sslContext.getSocketFactory();
            }
        }
    }
    return mSSLSocketFactory;
}
/**获得指定流中的服务器端证书库*/

public static TrustManager[] getTurstManager(InputStream... certificates) {
    try {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null,null);
        int index = 0;
        for (InputStream certificate : certificates) {
            if (certificate == null) {
                continue;
            }
            Certificate certificate1;
            try {
                certificate1 = certificateFactory.generateCertificate(certificate);
            }finally {
                certificate.close();
            }

            String certificateAlias = Integer.toString(index++);
            keyStore.setCertificateEntry(certificateAlias,certificate1);
        }

        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory
                .getDefaultAlgorithm());

        trustManagerFactory.init(keyStore);
        return trustManagerFactory.getTrustManagers();

    } catch (Exception e) {
        Log.e("httpDebug","SSLSocketFactoryUtils",e);
    }
    return new TrustManager[]{createTrustAllManager()};
}
/***
 * 读取*.cer公钥证书文件, 获取公钥证书信息
 * @author xgh
 */
public static  void testReadX509CerFile(InputStream inStream) throws Exception{

    try {
        // 读取证书文件

        // 创建X509工厂类
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        // 创建证书对象
        X509Certificate oCert = (X509Certificate) cf
                .generateCertificate(inStream);
        inStream.close();
        SimpleDateFormat dateformat = new SimpleDateFormat("yyyy/MM/dd");
        String info = null;
        // 获得证书版本
        info = String.valueOf(oCert.getVersion());
        System.out.println("证书版本:" + info);
        // 获得证书序列号
        info = oCert.getSerialNumber().toString(16);
        System.out.println("证书序列号:" + info);
        // 获得证书有效期
        Date beforedate = oCert.getNotBefore();
        info = dateformat.format(beforedate);
        System.out.println("证书生效日期:" + info);
        Date afterdate = oCert.getNotAfter();
        info = dateformat.format(afterdate);
        System.out.println("证书失效日期:" + info);
        // 获得证书主体信息
        info = oCert.getSubjectDN().getName();
        System.out.println("证书拥有者:" + info);
        // 获得证书颁发者信息
        info = oCert.getIssuerDN().getName();
        System.out.println("证书颁发者:" + info);
        // 获得证书签名算法名称
        info = oCert.getSigAlgName();
        System.out.println("证书签名算法:" + info);

    } catch (Exception e) {
        System.out.println("解析证书出错!");
        e.printStackTrace();
    }
}

你可能感兴趣的:(android)