Android Https详细请求全方案实现,包括HttpUrlConnection及HttpClient方式实现指定证书及信任所有的实现,不多说了,以下代码都经过详细测试,可以直接使用。
package com.example.httpstest;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
import org.apache.http.params.BasicHttpParams;
import org.apache.http.params.HttpConnectionParams;
import org.apache.http.params.HttpParams;
import android.app.Activity;
import android.os.Bundle;
import android.util.Log;
/**
* HTTPS测试 测试地址:https://certs.cac.washington.edu/CAtest/
* 测试证书:https://www.washington.edu/itconnect/security/ca/load-der.crt
*
*
* @author guojing09
*
*/
public class MainActivity extends Activity {
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
new Thread(new Runnable() {
@Override
public void run() {
try {
initSSLWithHttpClinet();
} catch (Exception e) {
Log.e("HTTPS TEST", e.getMessage());
}
}
}).start();
}
/**
* HttpUrlConnection 方式,支持指定load-der.crt证书验证,此种方式Android官方建议
*
* @throws CertificateException
* @throws IOException
* @throws KeyStoreException
* @throws NoSuchAlgorithmException
* @throws KeyManagementException
*/
public void initSSL() throws CertificateException, IOException, KeyStoreException,
NoSuchAlgorithmException, KeyManagementException {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream in = getAssets().open("load-der.crt");
Certificate ca = cf.generateCertificate(in);
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
keystore.load(null, null);
keystore.setCertificateEntry("ca", ca);
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keystore);
// Create an SSLContext that uses our TrustManager
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
URL url = new URL("https://certs.cac.washington.edu/CAtest/");
HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection();
urlConnection.setSSLSocketFactory(context.getSocketFactory());
InputStream input = urlConnection.getInputStream();
BufferedReader reader = new BufferedReader(new InputStreamReader(input, "UTF-8"));
StringBuffer result = new StringBuffer();
String line = "";
while ((line = reader.readLine()) != null) {
result.append(line);
}
Log.e("TTTT", result.toString());
}
/**
* HttpUrlConnection支持所有Https免验证,不建议使用
*
* @throws KeyManagementException
* @throws NoSuchAlgorithmException
* @throws IOException
*/
public void initSSLALL() throws KeyManagementException, NoSuchAlgorithmException, IOException {
URL url = new URL("https://certs.cac.washington.edu/CAtest/");
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, new TrustManager[] { new TrustAllManager() }, null);
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
connection.setDoInput(true);
connection.setDoOutput(false);
connection.setRequestMethod("GET");
connection.connect();
InputStream in = connection.getInputStream();
BufferedReader reader = new BufferedReader(new InputStreamReader(in));
String line = "";
StringBuffer result = new StringBuffer();
while ((line = reader.readLine()) != null) {
result.append(line);
}
Log.e("TTTT", result.toString());
}
/**
* HttpClient方式实现,支持所有Https免验证方式链接
*
* @throws ClientProtocolException
* @throws IOException
*/
public void initSSLAllWithHttpClient() throws ClientProtocolException, IOException {
int timeOut = 30 * 1000;
HttpParams param = new BasicHttpParams();
HttpConnectionParams.setConnectionTimeout(param, timeOut);
HttpConnectionParams.setSoTimeout(param, timeOut);
HttpConnectionParams.setTcpNoDelay(param, true);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", TrustAllSSLSocketFactory.getDefault(), 443));
ClientConnectionManager manager = new ThreadSafeClientConnManager(param, registry);
DefaultHttpClient client = new DefaultHttpClient(manager, param);
HttpGet request = new HttpGet("https://certs.cac.washington.edu/CAtest/");
// HttpGet request = new HttpGet("https://www.alipay.com/");
HttpResponse response = client.execute(request);
HttpEntity entity = response.getEntity();
BufferedReader reader = new BufferedReader(new InputStreamReader(entity.getContent()));
StringBuilder result = new StringBuilder();
String line = "";
while ((line = reader.readLine()) != null) {
result.append(line);
}
Log.e("HTTPS TEST", result.toString());
}
/**
* HttpClient方式实现,支持验证指定证书
*
* @throws ClientProtocolException
* @throws IOException
*/
public void initSSLCertainWithHttpClient() throws ClientProtocolException, IOException {
int timeOut = 30 * 1000;
HttpParams param = new BasicHttpParams();
HttpConnectionParams.setConnectionTimeout(param, timeOut);
HttpConnectionParams.setSoTimeout(param, timeOut);
HttpConnectionParams.setTcpNoDelay(param, true);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", TrustCertainHostNameFactory.getDefault(this), 443));
ClientConnectionManager manager = new ThreadSafeClientConnManager(param, registry);
DefaultHttpClient client = new DefaultHttpClient(manager, param);
// HttpGet request = new
// HttpGet("https://certs.cac.washington.edu/CAtest/");
HttpGet request = new HttpGet("https://www.alipay.com/");
HttpResponse response = client.execute(request);
HttpEntity entity = response.getEntity();
BufferedReader reader = new BufferedReader(new InputStreamReader(entity.getContent()));
StringBuilder result = new StringBuilder();
String line = "";
while ((line = reader.readLine()) != null) {
result.append(line);
}
Log.e("HTTPS TEST", result.toString());
}
public class TrustAllManager implements X509TrustManager {
@Override
public void checkClientTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {
// TODO Auto-generated method stub
}
@Override
public void checkServerTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {
// TODO Auto-generated method stub
}
@Override
public X509Certificate[] getAcceptedIssuers() {
// TODO Auto-generated method stub
return null;
}
}
}
package com.example.httpstest;
import java.io.IOException;
import java.lang.reflect.Field;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.scheme.SocketFactory;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import android.os.Build;
public class TrustAllSSLSocketFactory extends SSLSocketFactory {
private javax.net.ssl.SSLSocketFactory factory;
private static TrustAllSSLSocketFactory instance;
private TrustAllSSLSocketFactory() throws KeyManagementException, UnrecoverableKeyException,
NoSuchAlgorithmException, KeyStoreException {
super(null);
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, new TrustManager[] { new TrustAllManager() }, null);
factory = context.getSocketFactory();
setHostnameVerifier(new X509HostnameVerifier() {
@Override
public void verify(String host, String[] cns, String[] subjectAlts) throws SSLException {
// TODO Auto-generated method stub
}
@Override
public void verify(String host, X509Certificate cert) throws SSLException {
// TODO Auto-generated method stub
}
@Override
public void verify(String host, SSLSocket ssl) throws IOException {
// TODO Auto-generated method stub
}
@Override
public boolean verify(String host, SSLSession session) {
// TODO Auto-generated method stub
return true;
}
});
}
public static SocketFactory getDefault() {
if (instance == null) {
try {
instance = new TrustAllSSLSocketFactory();
} catch (KeyManagementException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (UnrecoverableKeyException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (KeyStoreException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
return instance;
}
@Override
public Socket createSocket() throws IOException {
return factory.createSocket();
}
@Override
public Socket createSocket(Socket socket, String host, int port, boolean autoClose)
throws IOException, UnknownHostException {
if (Build.VERSION.SDK_INT < 11) { // 3.0
injectHostname(socket, host);
}
return factory.createSocket(socket, host, port, autoClose);
}
private void injectHostname(Socket socket, String host) {
try {
Field field = InetAddress.class.getDeclaredField("hostName");
field.setAccessible(true);
field.set(socket.getInetAddress(), host);
} catch (Exception ignored) {
}
}
public class TrustAllManager implements X509TrustManager {
@Override
public void checkClientTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {
// TODO Auto-generated method stub
}
@Override
public void checkServerTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {
// TODO Auto-generated method stub
}
@Override
public X509Certificate[] getAcceptedIssuers() {
// TODO Auto-generated method stub
return null;
}
}
}
package com.example.httpstest;
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import org.apache.http.conn.ssl.SSLSocketFactory;
import android.content.Context;
public class TrustCertainHostNameFactory extends SSLSocketFactory {
private static TrustCertainHostNameFactory mInstance;
public TrustCertainHostNameFactory(KeyStore truststore) throws NoSuchAlgorithmException,
KeyManagementException, KeyStoreException, UnrecoverableKeyException {
super(truststore);
}
public static TrustCertainHostNameFactory getDefault(Context context) {
KeyStore keystore = null;
try {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream in;
in = context.getAssets().open("load-der.crt");
Certificate ca = cf.generateCertificate(in);
keystore = KeyStore.getInstance(KeyStore.getDefaultType());
keystore.load(null, null);
keystore.setCertificateEntry("ca", ca);
if (null == mInstance) {
mInstance = new TrustCertainHostNameFactory(keystore);
}
} catch (Exception e) {
}
return mInstance;
}
@Override
public Socket createSocket() throws IOException {
return super.createSocket();
}
@Override
public Socket createSocket(Socket socket, String host, int port, boolean autoClose)
throws IOException, UnknownHostException {
return super.createSocket(socket, host, port, autoClose);
}
}