Android 4.+https(如何启动TLS1.1 and TLS1.2)

  • 之前用的网络请求框架是鸿洋的OkHttpUtils,网络请求在5.0手机上使用https没有问题,但是最近突然使用了一个4.4的系统,就报错SSLException ....咋地咋地

  • 然后 我们的副总给我们找一个博客,如何解决4.+系统出现的这个问题(虽然我现在还很有点懵逼...),然后添加上去后,就可以使用了。在Okgo ,OkHttpUtils 都可以用,那么的网络请求应该也可以用?!!(别的没有测)
    -然后我先贴一下那个仁兄的博客吧 链接地址 ,使用TLSSocketFactory 类

  • 然后就是在全局初始化的时候使用这个类 , 那个第二次参数,就用他提供的。
    ···
    OkHttpClient okHttpClient = null;
    try {
    HttpsUtils.SSLParams sslParams = HttpsUtils.getSslSocketFactory(null, null, null);
    okHttpClient = new OkHttpClient.Builder()
    .addInterceptor(new LoggerInterceptor("history"))
    .sslSocketFactory(new TLSSocketFactory() , sslParams.trustManager)//这里使用!!!
    .build();
    } catch (KeyManagementException e) {
    e.printStackTrace();
    } catch (NoSuchAlgorithmException e) {
    e.printStackTrace();
    }
    OkHttpUtils.initClient(okHttpClient);
    ···

  • 用OKgo也一样的,第二个参数如果不想用框架自带的我在下面贴出来。

  • 这是 TSsX509TrustManager
    ···

public class SsX509TrustManager implements X509TrustManager {
private static TrustManager[] trustManagers;
private static final X509Certificate[] _AcceptedIssuers = new
X509Certificate[]{};

@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws java.security.cert.CertificateException {
    //To change body of implemented methods use File | Settings | File Templates.
}

@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws java.security.cert.CertificateException {
    //To change body of implemented methods use File | Settings | File Templates.
}

@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
    return new java.security.cert.X509Certificate[0];
}

public boolean isClientTrusted(X509Certificate[] chain) {
    return true;
}

public boolean isServerTrusted(X509Certificate[] chain) {
    return true;
}



public static X509Certificate[] get_AcceptedIssuers() {
    return _AcceptedIssuers;
}

/**
 * 允许所有的SSL请求,添加在new StringRequest()之前
 */
public static void allowAllSSL() {
    HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {

        @Override
        public boolean verify(String arg0, SSLSession arg1) {
            // TODO Auto-generated method stub
            return true;
        }

    });

    SSLContext context = null;
    if (trustManagers == null) {
        trustManagers = new TrustManager[]{new SsX509TrustManager()};
    }

    try {
        context = SSLContext.getInstance("TLS");
        context.init(null, trustManagers, new SecureRandom());
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    } catch (KeyManagementException e) {
        e.printStackTrace();
    }

    HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
}

}

···

你可能感兴趣的:(Android 4.+https(如何启动TLS1.1 and TLS1.2))