Glide okhttps证书验证全局配置

第一步 新建AppGlideModule：

package com.guoshikeji.dramecard.utils;

import android.content.Context;
import android.support.annotation.NonNull;
import android.util.Log;

import com.bumptech.glide.Glide;
import com.bumptech.glide.GlideBuilder;
import com.bumptech.glide.Registry;
import com.bumptech.glide.annotation.GlideModule;
import com.bumptech.glide.load.model.GlideUrl;
import com.bumptech.glide.module.AppGlideModule;
import java.io.InputStream;

/**
 * Register {@link FlickrModelLoader} for the Flickr sample app.
 */

@GlideModule
public class FlickrGlideModule extends AppGlideModule {

    @Override
    public void applyOptions(@NonNull Context context, @NonNull GlideBuilder builder) {
        super.applyOptions(context, builder);
//        builder.setDefaultRequestOptions(new RequestOptions().format(DecodeFormat.PREFER_ARGB_8888));
    }

    @Override
    public void registerComponents(@NonNull Context context, @NonNull Glide glide,
                                   @NonNull Registry registry) {
        Log.e("tyl","-----registerComponents-------");
        registry.replace(GlideUrl.class, InputStream.class, new OkHttpUrlLoader.Factory());
    }
    @Override
    public boolean isManifestParsingEnabled() {
        return false;
    }

}

第二步 AndroidManifest.xml中配置meta-data ：

第三步 proguard-rules.pro文件中忽略GlideModule混淆：

#GlideModule路径
-keepnames class com.guoshikeji.dramecard.utils.FlickrGlideModule
-keepresourcexmlelements manifest/application/meta-data@value=GlideModule

第四步 在继承AppGlideModule类的registerComponents方法中添加忽略证书认证：

registry.replace(GlideUrl.class, InputStream.class, new OkHttpUrlLoader.Factory());
  

重写OkHttpUrlLoader类的Factory，给OkHttpClient添加证书认证：

 public static class Factory implements ModelLoaderFactory {
        private static volatile Call.Factory internalClient;
        private final Call.Factory client;
        private static Call.Factory getInternalClient() {
//            glide添加双向认证
            OkHttpClient.Builder okHttpClient = new OkHttpClient().newBuilder();
            okHttpClient.hostnameVerifier(new Home());//忽略证书域名不受信任问题
           okHttpClient.sslSocketFactory(MySSLSocketFactory.getSocketFactory(MyApplication.getInstance()));//添加证书
            OkHttpClient build = okHttpClient.build();
            if (internalClient == null) {
                synchronized (Factory.class) {
                    if (internalClient == null) {
                        internalClient = build;
                    }
                }
            }
            return internalClient;
        }
  private static class Home implements HostnameVerifier {
            public SSLSession sslSession;

            @Override
            public boolean verify(String hostname, SSLSession session) {
                this.sslSession = session;
                return true;
            }
        }

添加证书的MySSLSocketFactory类代码可复制https://www.jianshu.com/p/6229d10d3550中的SSLSocketFactory类和X509TrustManager 这2个类即可！

各类知识点整理：

• android https双向验证 前言及总结：https://www.jianshu.com/p/07ce321d80ab
• 单双向验证基础知识点： https://www.jianshu.com/p/ea5f4b1d9c00
• phpstudy搭建本地服务器： https://www.jianshu.com/p/bbf853fc28f3
• 浏览器获取证书文件（p12转cer）：https://www.jianshu.com/p/7f74acab6c74
• https双向认证证书生成：https://www.jianshu.com/p/094c7fc8cb85
• android okhttps双向验证(代码实现)：https://www.jianshu.com/p/6229d10d3550
• android webView的双向验证：https://www.jianshu.com/p/e98119d04fd9
• 配置完成后的测试：https://www.jianshu.com/p/cfcf708a591a

工具类：

• 服务器网址检测（兼容性及协议检测）：https://www.ssllabs.com/index.html

源码：

• github：https://github.com/fs437563/android_https