android volley連接https

tcwi4767 8年前發布 | 27K 次閱讀 Android開發 移動開發

來自: http://my.oschina.net/zengliubao/blog/616666


Android中使用volley進行Https 通訊的時候,如果沒有申請正式會報錯:( 我們的服務器用nginx作為容器 )

VolleyEror: com.android.volley.NoConnectionError: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

最好的辦法是按照規則來辦事:加證書。然而調試服務器說不加...

那么要怎么才不會報錯呢?

1.查看接口 X509TrustManger.java ( 在包javax.net.ssl )

X509TrustManager.Java
//------------------------------------

package javax.net.ssl;

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

/**
 * The trust manager for X509 certificates to be used to perform authentication
 * for secure sockets.
 */
public interface X509TrustManager extends TrustManager {

    /**
     * Checks whether the specified certificate chain (partial or complete) can
     * be validated and is trusted for client authentication for the specified
     * authentication type.
     *
     * @param chain
     *            the certificate chain to validate.
     * @param authType
     *            the authentication type used.
     * @throws CertificateException
     *             if the certificate chain can't be validated or isn't trusted.
     * @throws IllegalArgumentException
     *             if the specified certificate chain is empty or {@code null},
     *             or if the specified authentication type is {@code null} or an
     *             empty string.
     */
    public void checkClientTrusted(X509Certificate[] chain, String authType)
            throws CertificateException;


    /**
     * Checks whether the specified certificate chain (partial or complete) can
     * be validated and is trusted for server authentication for the specified
     * key exchange algorithm.
     *
     * @param chain
     *            the certificate chain to validate.
     * @param authType
     *            the key exchange algorithm name.
     * @throws CertificateException
     *             if the certificate chain can't be validated or isn't trusted.
     * @throws IllegalArgumentException
     *             if the specified certificate chain is empty or {@code null},
     *             or if the specified authentication type is {@code null} or an
     *             empty string.
     */
    public void checkServerTrusted(X509Certificate[] chain, String authType)
            throws CertificateException;

    /**
     * Returns the list of certificate issuer authorities which are trusted for
     * authentication of peers.
     *
     * @return the list of certificate issuer authorities which are trusted for
     *         authentication of peers.
     */
    public X509Certificate[] getAcceptedIssuers();
}


//-------------------------------------------------------------------------------

 

2.FakeX509TrustManger  implements X509TrustManager

package com.http.utils;import java.security.KeyManagementException;import java.security.NoSuchAlgorithmException;import java.security.SecureRandom;import java.security.cert.X509Certificate;import javax.net.ssl.HostnameVerifier;import javax.net.ssl.HttpsURLConnection;import javax.net.ssl.SSLContext;import javax.net.ssl.SSLSession;import javax.net.ssl.TrustManager;import javax.net.ssl.X509TrustManager;/** * * * Created by Administrator on 2016/2/17. */public class FakeX509TrustManager implements X509TrustManager {    private static TrustManager[] trustManagers;    private static final X509Certificate[] _AcceptedIssuers = new            X509Certificate[] {};    @Override    public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws java.security.cert.CertificateException {        //To change body of implemented methods use File | Settings | File Templates.    }    @Override    public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws java.security.cert.CertificateException {        //To change body of implemented methods use File | Settings | File Templates.    }    public boolean isClientTrusted(X509Certificate[] chain) {        return true;    }    public boolean isServerTrusted(X509Certificate[] chain) {        return true;    }    @Override    public X509Certificate[] getAcceptedIssuers() {        return _AcceptedIssuers;    }    public static void allowAllSSL() {        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {            @Override            public boolean verify(String arg0, SSLSession arg1) {                // TODO Auto-generated method stub                return true;            }        });        SSLContext context = null;        if (trustManagers == null) {            trustManagers = new TrustManager[] { new FakeX509TrustManager() };        }        try {            context = SSLContext.getInstance("TLS");            context.init(null, trustManagers, new SecureRandom());        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (KeyManagementException e) {            e.printStackTrace();        }        HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());    }}

 

3.在請求前設置忽略所有的驗證,允許所有的SSL

 

(.equals(requestUrl.getMethod())){
         requestMethod=Request.Method.;
      }{
         url=url++params.toString();         }

      FakeX509TrustManager.();StringRequest httpRequest = StringRequest(requestMethod, url, Response.Listener<String>() {
            onResponse(String response) {
.dismissDialog();

 

 本文由用戶 tcwi4767 自行上傳分享,僅供網友學習交流。所有權歸原作者,若您的權利被侵害,請聯系管理員。
 轉載本站原創文章,請注明出處,并保留原始鏈接、圖片水印。
 本站是一個以用戶分享為主的開源技術平臺,歡迎各類分享!