Android Retrofit Http加密（无证书加密）

前提：本文基于Retrofit + okhttp（下面代码可以直接复制使用！）

---

一、Retrofit常规使用如下：

OkHttpClient okHttpClient =new Builder()

.readTimeout(READ_TIME_OUT, TimeUnit.SECONDS)

.connectTimeout(CONNECT_TIME_OUT, TimeUnit.SECONDS)

.cache(new Cache(file, NET_CACHE_SIZE))

.cookieJar(new CookiesManager())

.addInterceptor(httpLoggingInterceptor)

.addNetworkInterceptor(new Interceptor() {

@Override

            public Responseintercept(Chain chain)throws IOException {

Request original = chain.request();

                Request.Builder rb = original.newBuilder();

                rb.addHeader("token", filterValue(UserPref.getInstance().getToken()));

                return chain.proceed(rb.build());

            }

})

.build();

mService =new retrofit2.Retrofit.Builder()

.client(okHttpClient)

.addConverterFactory(GsonConverterFactory.create())

.addCallAdapterFactory(RxJava2CallAdapterFactory.create())

.baseUrl(baseUrl)

.build().create(ApiServer.class);

---

二、给http加密转https无证书需要添加如下代码

OkHttpClient okHttpClient =new Builder()

.sslSocketFactory(SSLSocketFactoryUtil.createSSLSocketFactory(), SSLSocketFactoryUtil.createTrustAllManager())

.hostnameVerifier(new SSLSocketFactoryUtil.TrustAllHostnameVerifier())

---

三、上面使用到的工具类SSLSocketFactoryUtil如下：

public class SSLSocketFactoryUtil {

/**

* @return

* init SSLSocketFactory

*/

public static SSLSocketFactorycreateSSLSocketFactory() {

SSLSocketFactory sslSocketFactory =null;

    try {

SSLContext sslContext = SSLContext.getInstance("SSL");

        sslContext.init(null, new TrustManager[]{createTrustAllManager()}, new SecureRandom());

        sslSocketFactory = sslContext.getSocketFactory();

    }catch (Exception e) {

}

return sslSocketFactory;

}

/**

* @return

* init X509TrustManager

*/

public static X509TrustManagercreateTrustAllManager() {

X509TrustManager trustManager =null;

    try {

trustManager =new X509TrustManager() {

public void checkClientTrusted(X509Certificate[] chain, String authType){

//do nothing

            }

public void checkServerTrusted(X509Certificate[] chain, String authType){

//do nothing

            }

public X509Certificate[]getAcceptedIssuers() {

return new X509Certificate[0];

            }

};

    }catch (Exception e) {

}

return trustManager;

}

/**

* make TrustAllHostnameVerifier always true

*/

public static class TrustAllHostnameVerifierimplements HostnameVerifier {

@Override

    public boolean verify(String hostname, SSLSession session) {

return true;

    }

}

}

---