[英]way to Ignore ssl certificate using HttpsURLConnection
我使用兩種方法嘗試使用HTTPS URL:
具有正確值的舊的已棄用和返回響應。
這是代碼,它不需要忽略ssl證書它自己忽略它或可能使用其他技術:
public String newApiPost(String url,String p1,String p2,String p3){
HttpClient httpClient = new DefaultHttpClient();
// replace with your url
HttpPost httpPost = new HttpPost(url);
//Post Data
List<NameValuePair> nameValuePair = new ArrayList<NameValuePair>
();
nameValuePair.add(new BasicNameValuePair("cliend_id",p1));
nameValuePair.add(new BasicNameValuePair("client_secret", p2));
nameValuePair.add(new BasicNameValuePair("key",p3));
//Encoding POST data
try {
httpPost.setEntity(new UrlEncodedFormEntity(nameValuePair));
} catch (UnsupportedEncodingException e) {
// log exception
e.printStackTrace();
}
//making POST request.
try {
HttpResponse response = httpClient.execute(httpPost);
HttpEntity httpEntity = response.getEntity();
String result = EntityUtils.toString(httpEntity,
HTTP.UTF_8);
Log.d("response", result);
// write response to log
Log.d("zzuu", result.toString());
} catch (ClientProtocolException e) {
// Log exception
e.printStackTrace();
} catch (IOException e) {
// Log exception
e.printStackTrace();
Log.d("dddfg", e.toString());
}catch (Exception e){
Log.d("dddfg", e.toString());
}
return "";
}
然后我使用了不推薦使用的方法HttpsUrlConnections,它需要忽略ssl證書,我使用很多方法但是沒有用:
public void sendNew (String urls,String paramValue1,String
paramValue2,String paramValue3){
URL url = null;
BufferedReader reader = null;
StringBuilder stringBuilder;
String data="";
try {
url = new URL(urls);
HttpsURLConnection conn = (HttpsURLConnection)
url.openConnection();
conn.setReadTimeout(10000);
conn.setConnectTimeout(15000);
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type", "application/x-www-form-
urlencoded");
conn.setRequestProperty("charset", "utf-8");
conn.setDoInput(true);
conn.setDoOutput(true);
Uri.Builder builder = new Uri.Builder()
.appendQueryParameter("cliend_id", paramValue1)
.appendQueryParameter("client_secret", paramValue2)
.appendQueryParameter("apikey", paramValue3);
String query = builder.build().getEncodedQuery();
OutputStream os = conn.getOutputStream();
BufferedWriter writer = new BufferedWriter(
new OutputStreamWriter(os, "UTF-8"));
writer.write(query);
writer.flush();
writer.close();
os.close();
conn.connect();
reader = new BufferedReader(new
InputStreamReader(conn.getErrorStream()));
stringBuilder = new StringBuilder();
String line = null;
while ((line = reader.readLine()) != null)
{
stringBuilder.append(line + "\n");
}
data= stringBuilder.toString();
Log.d("zzuu", data);
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (ProtocolException e) {
e.printStackTrace();
Log.d("dddfg", e.toString());
} catch (IOException e) {
e.printStackTrace();
Log.d("dddfg", e.toString());
}catch (Exception e){
Log.d("dddfg", e.toString());
}
}
它響應此錯誤:
10-12 17:06:06.135 16052-16075/ W/System.err﹕ java.io.IOException: Hostname 'xxxxxxxx' was not verified
10-12 17:06:06.139 16052-16075/ W/System.err﹕ at libcore.net.http.HttpConnection.verifySecureSocketHostname(HttpConnection.java:223)
10-12 17:06:06.139 16052-16075/ W/System.err﹕ at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:446)
10-12 17:06:06.139 16052-16075/ W/System.err﹕ at libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:290)
10-12 17:06:06.170 16052-16075/ W/System.err﹕ at libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:240)
10-12 17:06:06.171 16052-16075/ W/System.err﹕ at libcore.net.http.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:292)
10-12 17:06:06.175 16052-16075/ W/System.err﹕ at libcore.net.http.HttpURLConnectionImpl.getInputStream(HttpURLConnectionImpl.java:185)
10-12 17:06:06.175 16052-16075/ W/System.err﹕ at libcore.net.http.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:271)
10-12 17:06:06.176 16052-16075/ W/System.err﹕ at ubicall.sand.ubicall.helper.JSONParser.method(JSONParser.java:422)
10-12 17:06:06.177 16052-16075/ W/System.err﹕ at ubicall.sand.ubicall.activity.SplashActivity$Access.doInBackground(SplashActivity.java:111)
10-12 17:06:06.177 16052-16075/ W/System.err﹕ at ubicall.sand.ubicall.activity.SplashActivity$Access.doInBackground(SplashActivity.java:106)
10-12 17:06:06.177 16052-16075/ W/System.err﹕ at android.os.AsyncTask$2.call(AsyncTask.java:287)
我不明白什么時候問題確切地說它在restclient和postman中使用post方法在url體中發送的數據然后我發現我在使用HttpsURLConnection時我需要忽略ssl證書但是我嘗試了很多方法忽略但是沒有工作
I use
private void trustEveryone() {
try {
HttpsURLConnection.setDefaultHostnameVerifier(new
HostnameVerifier(){
public boolean verify(String hostname, SSLSession session)
{
return true;
}});
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, new X509TrustManager[]{new
X509TrustManager(){
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws
CertificateException {}
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws
CertificateException {}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}}}, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(
context.getSocketFactory());
} catch (Exception e) { // should never happen
e.printStackTrace();
}
}
根據您的logcat信息,我認為您應該閱讀以下鏈接:
如果URL的主機名與對等方的標識主機名不匹配,則在握手期間使用它。
出現這種情況的一個原因是服務器配置錯誤。 服務器配置了一個證書,該證書沒有與您嘗試訪問的服務器匹配的主題或主題備用名稱字段...
然后,您可以參考我對以下問題的回答:
編輯:關於你的想法'忽略ssl',你可以嘗試以下(但是,據說不建議這樣做):
public class HttpsTrustManager implements X509TrustManager {
private static TrustManager[] trustManagers;
private static final X509Certificate[] _AcceptedIssuers = new X509Certificate[]{};
@Override
public void checkClientTrusted(
X509Certificate[] x509Certificates, String s)
throws java.security.cert.CertificateException {
}
@Override
public void checkServerTrusted(
X509Certificate[] x509Certificates, String s)
throws java.security.cert.CertificateException {
}
public boolean isClientTrusted(X509Certificate[] chain) {
return true;
}
public boolean isServerTrusted(X509Certificate[] chain) {
return true;
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return _AcceptedIssuers;
}
public static void allowAllSSL() {
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
SSLContext context = null;
if (trustManagers == null) {
trustManagers = new TrustManager[]{new HttpsTrustManager()};
}
try {
context = SSLContext.getInstance("TLS");
context.init(null, trustManagers, new SecureRandom());
} catch (NoSuchAlgorithmException | KeyManagementException e) {
e.printStackTrace();
}
HttpsURLConnection.setDefaultSSLSocketFactory(context != null ? context.getSocketFactory() : null);
}
}
然后,在您的活動中,調用HttpsTrustManager.allowAllSSL();
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.