API23及以下版本的网络安全配置-信任路径的锚点未找到-如何处理API<=23的自签名证书
在Android的API 24及以上版本中,可以使用Network security configuration来解决这个问题。但是,在API 23及以下版本中,我们需要进行以下操作来确保应用程序可以使用自签名证书:
- 创建一个类名为“CustomSSLSocketFactory”的类
import java.io.IOException; import java.net.InetAddress; import java.net.Socket; import java.net.UnknownHostException; import java.security.KeyManagementException; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import java.util.Arrays;
import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocket; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509TrustManager; import javax.net.ssl.SSLSocketFactory;
/**
-
Created by braj19 on 02/05/16. */ public class CustomSSLSocketFactory extends SSLSocketFactory {
private SSLContext mSSLContext; private X509TrustManager mTrustManager;
public CustomSSLSocketFactory(KeyStore keyStore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, CertificateException, IOException { TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(keyStore); mTrustManager = (X509TrustManager) trustManagerFactory.getTrustManagers()[0];
mSSLContext = SSLContext.getInstance("TLS"); mSSLContext.init(null, new TrustManager[]{mTrustManager}, new SecureRandom());}
@Override public String[] getDefaultCipherSuites() { return new String[0]; }
@Override public String[] getSupportedCipherSuites() { return new String[0]; }
@Override public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException { SSLSocket sslSocket = (SSLSocket) mSSLContext.getSocketFactory().createSocket(s, host, port, autoClose); sslSocket.setEnabledProtocols(sslSocket.getSupportedProtocols()); return sslSocket; }
@Override public Socket createSocket(String host, int port) throws IOException, UnknownHostException { SSLSocket sslSocket = (SSLSocket) mSSLContext.getSocketFactory().createSocket(host, port); sslSocket.setEnabledProtocols(sslSocket.getSupportedProtocols()); return sslSocket; }
@Override public Socket