Android网络编程――https 不验证证书方式(信任所有证书)

         前面写了http的联网方式,Android平台上经常有使用https的需求,对于https服务器使用的根证书是受信任的证书的话,实现https是非常简单的,直接用httpclient库就行了,与使用http几乎没有区别。但是在大多数情况下,服务器所使用的根证书是自签名的,或者签名机构不在设备的信任证书列表中,这样使用httpclient进行https连接就会失败。解决这个问题的办法有两种,一是在发起https连接之前将服务器证书加到httpclient的信任证书列表中,这个相对来说比较复杂一些,很容易出错;另一种办法是让httpclient信任所有的服务器证书,这种办法相对来说简单很多,但安全性则差一些,但在某些场合下有一定的应用场景。这一篇主要实现httpclient信任所有的服务器证书。

      直接给出代码:

     

public class HttpsTestActivity extends Activity {     /** Called when the activity is first created. */ 	private TextView text;     @Override     public void onCreate(Bundle savedInstanceState) {         super.onCreate(savedInstanceState);         setContentView(R.layout.main);         text=(TextView)findViewById(R.id.textView1);         GetHttps();     }          private void GetHttps(){     	String https = "https://www.google.com.hk";         try{         	SSLContext sc = SSLContext.getInstance("TLS");             sc.init(null, new TrustManager[]{new MyTrustManager()}, new SecureRandom());             HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());             HttpsURLConnection.setDefaultHostnameVerifier(new MyHostnameVerifier());             HttpsURLConnection conn = (HttpsURLConnection)new URL(https).openConnection();             conn.setDoOutput(true);             conn.setDoInput(true);             conn.connect();             BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream()));              StringBuffer sb = new StringBuffer();              String line;              while ((line = br.readLine()) != null)                  sb.append(line);                             text.setText(sb.toString());            }catch(Exception e){                 Log.e(this.getClass().getName(), e.getMessage());            }            }          private class MyHostnameVerifier implements HostnameVerifier{             @Override             public boolean verify(String hostname, SSLSession session) {                     // TODO Auto-generated method stub                     return true;             }         }         private class MyTrustManager implements X509TrustManager{             @Override             public void checkClientTrusted(X509Certificate[] chain, String authType)                             throws CertificateException {                     // TODO Auto-generated method stub               }             @Override             public void checkServerTrusted(X509Certificate[] chain, String authType)                              throws CertificateException {                     // TODO Auto-generated method stub                 }             @Override             public X509Certificate[] getAcceptedIssuers() {                     // TODO Auto-generated method stub                     return null;             }                }    }

使用HttpsURLConnection时需要实现HostnameVerifier 和 X509TrustManager,这两个实现是必须的,要不会报安全验证异常。


/**
* @author 张兴业
* 邮箱:xy-zhang#163.com
* android开发进阶群:278401545
*
*/

你可能感兴趣的:(android)