关于Android http改为https

幸亏通过一个朋友找到了以下这个简便的开源库

https://github.com/lizhangqu/CoreUtil

然后用里面的SSLUtil,10分钟就解决了。

实现自签名SSL证书

1.访问以上开源库网址下载SSLUtil

2.把服务器生成的自签名证书cer文件放到在assets目录下,这里以demo.cer做示范

3.初始化SSLSocketFactory

在http请求类的constructor中添加以下代码,这里以HttpRequest做示范

socketFactory = SSLUtil.getSSLSocketFactory(context.getAssets().open("demo.cer"));

4.添加信任https证书

在new OKHttpClient后添加以下代码

if (url.startsWith("https://") && socketFactory != null) {

client.setSslSocketFactory(socketFactory);

}

以上这几步就是全部步骤了,如果你还是觉得麻烦,推荐使用Android-ZBLibray这个Android快速开发框架,里面自签名已全部封装好,只需替换下demo.cer文件即可。

Android快速开发框架-ZBLibrary 源码下载地址如下:

https://github.com/TommyLemon/Android-ZBLibrary

下面是sslutis

packagezafu.edu.cn.coreutil;

importjava.io.IOException;

importjava.io.InputStream;

importjava.security.KeyStore;

importjava.security.KeyStoreException;

importjava.security.NoSuchAlgorithmException;

importjava.security.SecureRandom;

importjava.security.UnrecoverableKeyException;

importjava.security.cert.CertificateException;

importjava.security.cert.CertificateFactory;

importjavax.net.ssl.KeyManager;

importjavax.net.ssl.KeyManagerFactory;

importjavax.net.ssl.SSLContext;

importjavax.net.ssl.SSLSocketFactory;

importjavax.net.ssl.TrustManagerFactory;

/**

* Https 证书工具类

* User:lizhangqu([email protected])

* Date:2015-09-02

* Time: 12:52

*/

publicclassSSLUtil{

//使用命令keytool -printcert -rfc -file srca.cer 导出证书为字符串,然后将字符串转换为输入流,如果使用的是okhttp可以直接使用new Buffer().writeUtf8(s).inputStream()

/**

* 返回SSLSocketFactory

*

* @param certificates 证书的输入流

* @return SSLSocketFactory

*/

publicstaticSSLSocketFactorygetSSLSocketFactory(InputStream...certificates) {

returngetSSLSocketFactory(null,certificates);

}

/**

* 双向认证

* @param keyManagers KeyManager[]

* @param certificates 证书的输入流

* @return SSLSocketFactory

*/

publicstaticSSLSocketFactorygetSSLSocketFactory(KeyManager[]keyManagers,InputStream...certificates) {

try{

CertificateFactorycertificateFactory=CertificateFactory.getInstance("X.509");

KeyStorekeyStore=KeyStore.getInstance(KeyStore.getDefaultType());

keyStore.load(null);

intindex=0;

for(InputStreamcertificate:certificates) {

StringcertificateAlias=Integer.toString(index++);

keyStore.setCertificateEntry(certificateAlias, certificateFactory.generateCertificate(certificate));

try{

if(certificate!=null)

certificate.close();

}catch(IOExceptione) {

}

}

SSLContextsslContext=SSLContext.getInstance("TLS");

TrustManagerFactorytrustManagerFactory=TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());

trustManagerFactory.init(keyStore);

sslContext.init(keyManagers, trustManagerFactory.getTrustManagers(),newSecureRandom());

SSLSocketFactorysocketFactory=sslContext.getSocketFactory();

returnsocketFactory;

}catch(Exceptione) {

e.printStackTrace();

}

returnnull;

}

/**

* 获得双向认证所需的参数

* @param bks bks证书的输入流

* @param keystorePass 秘钥

* @return KeyManager[]对象

*/

publicstaticKeyManager[]getKeyManagers(InputStreambks,StringkeystorePass) {

KeyStoreclientKeyStore=null;

try{

clientKeyStore=KeyStore.getInstance("BKS");

clientKeyStore.load(bks, keystorePass.toCharArray());

KeyManagerFactorykeyManagerFactory=KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());

keyManagerFactory.init(clientKeyStore, keystorePass.toCharArray());

KeyManager[] keyManagers=keyManagerFactory.getKeyManagers();

returnkeyManagers;

}catch(KeyStoreExceptione) {

e.printStackTrace();

}catch(UnrecoverableKeyExceptione) {

e.printStackTrace();

}catch(CertificateExceptione) {

e.printStackTrace();

}catch(NoSuchAlgorithmExceptione) {

e.printStackTrace();

}catch(IOExceptione) {

e.printStackTrace();

}

returnnull;

}

}

你可能感兴趣的:(关于Android http改为https)