public class TrustStoreManager
{
private static final String TRUSTSTORE_NAME = "certificate.pfx";
private static final String TRUSTSTORE_PASSWORD = "password";
public static void installCertificate(Context context)
{
try {
KeyStore keystore = KeyStore.getInstance("PKCS12");
InputStream is = context.getAssets().open(TRUSTSTORE_NAME);
keystore.load(is, TRUSTSTORE_PASSWORD.toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(keystore);
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, tmf.getTrustManagers(), null);
HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
is.close();
} catch (Exception e) {
e.printStackTrace();
}
}
}
public class MainActivity extends AppCompatActivity {
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
TrustStoreManager.installCertificate(this);
}
}
URL url = new URL("https://example.com");
HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection();
urlConnection.setRequestMethod("GET");
urlConnection.setReadTimeout(10000);
urlConnection.setConnectTimeout(15000);
urlConnection.setDoInput(true);
InputStream is = urlConnection.getInputStream();
BufferedReader reader = new BufferedReader(new InputStreamReader(is));
String line = null;
while ((line = reader.readLine()) != null) {
Log.d(TAG, line);
}
is.close();
urlConnection.disconnect();
此时,应用程序将使用设备级别上安装的证书来访问HTTPS API。