如果不需要验证服务器端证书,直接照这里做
- publicclassDemoextendsActivity{
-
-
privateTextViewtext;
-
@Override
-
publicvoidonCreate(BundlesavedInstanceState){
-
super.onCreate(savedInstanceState);
- setContentView(R.layout.main);
- text=(TextView)findViewById(R.id.text);
- GetHttps();
- }
-
privatevoidGetHttps(){
-
Stringhttps="https://800wen.com/";
-
try{
-
SSLContextsc=SSLContext.getInstance("TLS");
-
sc.init(null,newTrustManager[]{newMyTrustManager()},newSecureRandom());
- HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
-
HttpsURLConnection.setDefaultHostnameVerifier(newMyHostnameVerifier());
-
HttpsURLConnectionconn=(HttpsURLConnection)newURL(https).openConnection();
-
conn.setDoOutput(true);
-
conn.setDoInput(true);
- conn.connect();
-
BufferedReaderbr=newBufferedReader(newInputStreamReader(conn.getInputStream()));
-
StringBuffersb=newStringBuffer();
- Stringline;
-
while((line=br.readLine())!=null)
- sb.append(line);
- text.setText(sb.toString());
-
}catch(Exceptione){
-
Log.e(this.getClass().getName(),e.getMessage());
- }
- }
-
privateclassMyHostnameVerifierimplementsHostnameVerifier{
-
@Override
-
publicbooleanverify(Stringhostname,SSLSessionsession){
-
-
returntrue;
- }
- }
-
privateclassMyTrustManagerimplementsX509TrustManager{
-
@Override
-
publicvoidcheckClientTrusted(X509Certificate[]chain,StringauthType)
-
throwsCertificateException{
-
- }
-
@Override
-
publicvoidcheckServerTrusted(X509Certificate[]chain,StringauthType)
-
throwsCertificateException{
-
- }
-
@Override
-
publicX509Certificate[]getAcceptedIssuers(){
-
-
returnnull;
- }
- }
- }
public class Demo extends Activity {
/** Called when the activity is first created. */
private TextView text;
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.main);
text = (TextView)findViewById(R.id.text);
GetHttps();
}
private void GetHttps(){
String https = " https://800wen.com/";
try{
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, new TrustManager[]{new MyTrustManager()}, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new MyHostnameVerifier());
HttpsURLConnection conn = (HttpsURLConnection)new URL(https).openConnection();
conn.setDoOutput(true);
conn.setDoInput(true);
conn.connect();
BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream()));
StringBuffer sb = new StringBuffer();
String line;
while ((line = br.readLine()) != null)
sb.append(line);
text.setText(sb.toString());
}catch(Exception e){
Log.e(this.getClass().getName(), e.getMessage());
}
}
private class MyHostnameVerifier implements HostnameVerifier{
@Override
public boolean verify(String hostname, SSLSession session) {
// TODO Auto-generated method stub
return true;
}
}
private class MyTrustManager implements X509TrustManager{
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
// TODO Auto-generated method stub
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
// TODO Auto-generated method stub
}
@Override
public X509Certificate[] getAcceptedIssuers() {
// TODO Auto-generated method stub
return null;
}
}
}
如果需要验证服务器端证书(这样能够防钓鱼),我是这样做的,还有些问题问大牛:
a. 导出公钥。在浏览器上用https访问tomcat,查看其证书,并另存为一个文件(存成了X.509格式:xxxx.cer)
b. 导入公钥。把xxxx.cer放在Android的assets文件夹中,以方便在运行时通过代码读取此证书,留了两个问题给大牛:
- AssetManageram=context.getAssets();
-
InputStreamins=am.open("robusoft.cer");
-
try{
-
-
CertificateFactorycerFactory=CertificateFactory.getInstance("X.509");
- Certificatecer=cerFactory.generateCertificate(ins);
-
-
KeyStorekeyStore=KeyStore.getInstance("PKCS12","BC");
-
keyStore.load(null,null);
-
keyStore.setCertificateEntry("trust",cer);
-
returnkeyStore;
-
}finally{
- ins.close();
- }
-
-
SSLSocketFactorysocketFactory=newSSLSocketFactory(keystore);
-
Schemesch=newScheme("https",socketFactory,443);
-
-
HttpClientmHttpClient=newDefaultHttpClient();
- mHttpClient.getConnectionManager().getSchemeRegistry().register(sch);
AssetManager am = context.getAssets();
InputStream ins = am.open("robusoft.cer");
try {
//读取证书
CertificateFactory cerFactory = CertificateFactory.getInstance("X.509"); //问1
Certificate cer = cerFactory.generateCertificate(ins);
//创建一个证书库,并将证书导入证书库
KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC"); //问2
keyStore.load(null, null);
keyStore.setCertificateEntry("trust", cer);
return keyStore;
} finally {
ins.close();
}
//把咱的证书库作为信任证书库
SSLSocketFactory socketFactory = new SSLSocketFactory(keystore);
Scheme sch = new Scheme("https", socketFactory, 443);
//完工
HttpClient mHttpClient = new DefaultHttpClient();
mHttpClient.getConnectionManager().getSchemeRegistry().register(sch);
问1:这里用"PKCS12"不行
答1:PKCS12和JKS是keystore的type,不是Certificate的type,所以X.509不能用PKCS12代替
问2:这里用"JKS"不行。
答2:android平台上支持的keystore type好像只有PKCS12,不支持JKS,所以不能用JKS代替在PKCS12,不过在windows平台上是可以代替的
分享到:
相关推荐
本项目是一个实现自动连接指定的wifi的功能,可以检测要连接的wifi是否在可连接范围内,若在可连接范围内,则进行连接;否则提醒用户,程序结束。注意:此处要连接的wifi是已经配置好的,就是之前已经连接过的。程序...
安卓Android源码——android蓝牙连接打印机.zip
Android源码——连接SQLite数据库源码.zip
安卓Android源码——连接SQLite数据库源码.zip
安卓Android源码——蓝牙连接打印机.zip
Android连接数据库
13 android连接SQLite数据库-----增加改查+分页 14 Android游戏的心跳效果 15 Android远程登录含有loading登录效果~~完整代码和超级详细注释 16 AsyncTask进度条加载网站数据到ListView 17 EditText插入QQ表情源码 ...
android项目蓝牙连接简单源码 实现了简单的获取蓝牙设备名称等进行点击
Android 蓝牙hfp 服务发现、rfcomm连接、SLC连接、SCO链路连接等等源码流程图。非常详细的从btif-bta-btm-hci 数据流程走向,以及从controller收到数据到btm层,将Android 源码使用流程图的形式画了出来,使Android ...
Android 远程桌面连接到PC的源码,亲测试可用!
Android应用源码之android蓝牙连接打印机
Android 蓝牙 rfcomm spp 协议连接流程、数据收发流程源码流程分析大全,非常详细的从btif-bta-btm-hci 数据流程走向,以及从controller收到数据到btm层,将Android 源码每个函数都摘录出来,进行分析,使Android ...
Android 蓝牙配对连接源码分析文档大全,非常详细的从btif-bta-btm-hci 数据流程走向,以及从controller收到数据到btm层,将Android 源码每个函数都摘录出来,进行分析,使Android 蓝牙开发者更清楚数据收发走向,...
android 蓝牙 扫描 连接 实例源码下载.rar
如果要做成Android11 或者之前一样,设备连接WiFi/有线网络后电脑可以直接进行adb连接,就要对系统代码进行适配修改。 之前以为设置端口号和persist.adb.tls_server.enable 属性就ok了,但是还是有些小bug,还是要...
android连接SQLite数据库源码.rar
安卓Android源码——网络连接状态检测.rar
基于最新的FreeRDP开源,已整合最简,.so资源已封装,基于RDP协议的android手机可连接电脑远程桌面的客户端,整套源码经测试可用。项目import置入eclipse无报错! 1)支持Android 2.2(含)以上系统 2)支持RDP协议 ...
基于Android的WiF单片机连接源码.zip基于Android的WiF单片机连接源码.zip基于Android的WiF单片机连接源码.zip基于Android的WiF单片机连接源码.zip基于Android的WiF单片机连接源码.zip
Android 蓝牙低功耗ble hopg 广播、扫描、连接、数据读写源码流程分析大全,非常详细的从btif-bta-btm-hci 数据流程走向,以及从controller收到数据到btm层,将Android 源码每个函数都摘录出来,进行分析,使Android...