我正在寻找忽略默认 httpclient 中所有 ssl 错误(例如不可信)的可能性。我在这里看到了很多解决方案,但我总是必须导入特定的证书并将其添加到信任管理器中,或者用于 HttpsUrlConnection 而不是 DefaultHttpClient。
我使用的网络请求是:
public static String makeGETRequest(String s,String encoding)
{
DefaultHttpClient http = new DefaultHttpClient();
final String username = "USERNAME";
final String password = "PASSWORD";
UsernamePasswordCredentials c = new UsernamePasswordCredentials(username,password);
BasicCredentialsProvider cP = new BasicCredentialsProvider();
cP.setCredentials(AuthScope.ANY, c);
http.setCredentialsProvider(cP);
HttpResponse res;
try {
res = http.execute(new HttpGet(s));
InputStream is = res.getEntity().getContent();
BufferedInputStream bis = new BufferedInputStream(is);
ByteArrayBuffer baf = new ByteArrayBuffer(50);
int current = 0;
while((current = bis.read()) != -1){
baf.append((byte)current);
}
return new String(baf.toByteArray(),encoding);
}
catch (ClientProtocolException e) {
// TODO Auto-generated catch block
return "error: " + e.getMessage();
}
catch (IOException e) {
// TODO Auto-generated catch block
return "error: " + e.getMessage();
}
}
And:
public static String makePOSTRequest(String s, List <NameValuePair> nvps,String encoding)
{
DefaultHttpClient http = new DefaultHttpClient();
final String username = "USERNAME";
final String password = "PASSWORD";
UsernamePasswordCredentials c = new UsernamePasswordCredentials(username,password);
BasicCredentialsProvider cP = new BasicCredentialsProvider();
cP.setCredentials(AuthScope.ANY, c);
http.setCredentialsProvider(cP);
HttpResponse res;
try {
HttpPost httpost = new HttpPost(s);
httpost.setEntity(new UrlEncodedFormEntity(nvps, HTTP.DEFAULT_CONTENT_CHARSET));
res = http.execute(httpost);
InputStream is = res.getEntity().getContent();
BufferedInputStream bis = new BufferedInputStream(is);
ByteArrayBuffer baf = new ByteArrayBuffer(50);
int current = 0;
while((current = bis.read()) != -1){
baf.append((byte)current);
}
res = null;
httpost = null;
String ret = new String(baf.toByteArray(),encoding);
return ret;
}
catch (ClientProtocolException e) {
// TODO Auto-generated catch block
return e.getMessage();
}
catch (IOException e) {
// TODO Auto-generated catch block
return e.getMessage();
}
}
有谁知道如何忽略此代码中的 ssl 错误?
编辑:
因为我只能信任一个特定的(过期的)证书,所以我尝试通过以下方式覆盖 DefaultHttpClient:
public class MyHttpClient extends DefaultHttpClient {
final Context context;
public MyHttpClient(Context context) {
this.context = context;
}
@Override protected ClientConnectionManager createClientConnectionManager() {
SchemeRegistry registry = new SchemeRegistry();
registry.register(
new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", newSslSocketFactory(), 443));
return new SingleClientConnManager(getParams(), registry);
}
private SSLSocketFactory newSslSocketFactory() {
try {
KeyStore trusted = KeyStore.getInstance("BKS");
InputStream in = context.getResources().openRawResource(R.raw.mykeystore);
try {
trusted.load(in, "mypassword".toCharArray());
} finally {
in.close();
}
return new SSLSocketFactory(trusted);
} catch (Exception e) {
throw new AssertionError(e);
}
}
}
R.raw.mykeystore 中的文件是一个 .bks 文件,我用它创建的Portecle,我创建一个新的 bks 并导入过期证书的存储 pem,它似乎可以工作并且密钥存储加载没有错误,但是如果我执行请求,我会收到 IO 异常,并显示消息“无对等证书”,什么可能是问题所在?