Retrofit with OKHTTP3 certification pinning
Question
I am using Retrofit 1.9 with OKHTTP3 client and I am trying to add certification pinning. Below is the relevant code:
String hostname = "xxxxxx.xx";
CertificatePinner certificatePinner = new CertificatePinner.Builder()
.add(hostname, "sha1/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=")
.build();
OkHttpClient client = new OkHttpClient.Builder()
.certificatePinner(certificatePinner)
.build();
return new RestAdapter.Builder()
.setRequestInterceptor(request -> {
request.addHeader("CONTENT-TYPE", "application/json");
})
.setEndpoint("https://xxxxxxxxxxxx").
.setClient(new Ok3Client(client))
.build();
Unfortunately it doesn't seem to be working. I don't have the
"javax.net.ssl.SSLPeerUnverifiedException: Certificate pinning failure!"
exception and even my host or SHA is incorrect. Can anyone explain why?
1 answers
solution1
8 ACCPTED 2016-12-14 15:42:23
A couple things to check, since you've redacted the parts were mistakes are common, I can't tell for certain if these are you issue, but both mistakes will cause no pinning with no logs.
1) For hostname in your CertificatePinner , make sure it is just the host name, like "www.example.com", and not a url " https://www.example.com ".
2) For .setEndpoint("xxxxxxxxxxxx") , make sure you endpoint is https , there are no certs checked on http so no logs.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.