[英]Bypass SSL Warning from google play
我使用JSOUP連接到許多 https網站。 我使用方法Jsoup.connect(url),但是它拋出異常:
javax.net.ssl.SSLHandshakeException: Certificate not valid or trusted.
因此,我使用此代碼來信任所有cert ssl:
public static void enableSSLSocket() throws KeyManagementException, NoSuchAlgorithmException {
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted( java.security.cert.X509Certificate[] certs, String authType ) { }
public void checkServerTrusted( java.security.cert.X509Certificate[] certs, String authType ) { }
}
};
// Install the all-trusting trust manager
try {
SSLContext sc = SSLContext.getInstance( "SSL" );
sc.init( null, trustAllCerts, new java.security.SecureRandom() );
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(
new HostnameVerifier() {
public boolean verify(String urlHostName, SSLSession session) {
return true;
}
});
}
catch ( Exception e ) {
//We can not recover from this exception.
e.printStackTrace();
}}
但是因為我在上面使用的代碼在play store上有goole警告。
您的應用正在使用帶有Apache HTTP客戶端的X509TrustManager接口的不安全實現,從而導致安全漏洞。 請參閱此Google幫助中心文章以了解詳細信息,包括修復漏洞的截止日期。
如果我添加以下代碼:
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
try {
chain[0].checkValidity();
} catch (Exception e) {
throw new CertificateException("Certificate not valid or trusted.");
}
}
警告消失了,但是JSOUP無法正常工作,但又出現了同樣的異常。 那么有什么方法可以信任所有SSL並繞過Google警告? 預先謝謝你。
我找到了解決方案,希望有人需要它:
public static void trustSSLCertificate(final Activity mActivity, final DownloadPortalTask task){ try { HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { public boolean verify(String hostname, SSLSession session) { return true; } }); SSLContext context = SSLContext.getInstance("TLS"); context.init(null, new X509TrustManager[]{new X509TrustManager() { public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { try { chain[0].checkValidity(); } catch (final Exception e) { mActivity.runOnUiThread(new Runnable() { @Override public void run() { AlertDialog.Builder builder = new AlertDialog.Builder(mActivity); AlertDialog alertDialog = builder.create(); alertDialog.setCancelable(false); String message = "There a problem with the security certificate for this web site."; message += "\\nDo you want to continue anyway?"; alertDialog.setTitle("SSL Certificate Error"); alertDialog.setMessage(message); alertDialog.setButton(DialogInterface.BUTTON_POSITIVE, "OK", new DialogInterface.OnClickListener() { @Override public void onClick(DialogInterface dialog, int which) { acceptSSL = true; return; } }); alertDialog.setButton(DialogInterface.BUTTON_NEGATIVE, "Cancel", new DialogInterface.OnClickListener() { @Override public void onClick(DialogInterface dialog, int which) { acceptSSL = true; task.onInterruptedDownload(); } }); alertDialog.show(); } }); while( !acceptSSL){ try{ Thread.sleep(1000); } catch( InterruptedException er) { } } } } public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } }}, new SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory()); } catch (Exception e) { // should never happen e.printStackTrace(); } }
在調用Jsoup之前先調用此方法。 Google Play上的SSL警告也消失了。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.