1、带证书验证
public class OkHttpManager {
public static final String TAG = "OkHttpManager";
public static final String CERT_ALIAS = "NCB";
public static final int CONNECT_TIME_OUT_60 = 60;
public static final int READ_TIME_OUT_60 = 60;
public static final int WRITE_TIME_OUT_60 = 60;
public static final int CONNECT_TIME_OUT_10 = 10;
public static final int READ_TIME_OUT_10 = 10;
public static final int WRITE_TIME_OUT_10 = 10;
private static OkHttpManager instance = null;
private static final Object INSTANCE_LOCK = new Object();
public static OkHttpManager getInstance() {
if (instance == null) {
synchronized (INSTANCE_LOCK) {
if (instance == null) {
instance = new OkHttpManager();
}
}
}
return instance;
}
public ArrayList<Certificate> getCertificatesFromAssets(Context context) {
ArrayList<Certificate> certificates = new ArrayList<>();
try {
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
AssetManager am = context.getAssets();
String certPathMain = "ncb_certs";
String[] listMain = am.list(certPathMain);
for (int i = 0; i < listMain.length; i++) {
certificates.add(certificateFactory.generateCertificate(am.open(certPathMain + "/" + listMain[i])));
LogUtils.i(TAG, "public cer name:" + certPathMain + "/" + listMain[i]);
}
String certPath = null;
if (BuildConfig.FLAVOR.equals(BUILD_FLAVOR_PROD)) {
certPath = "ncb_certs_prod";
} else if (BuildConfig.FLAVOR.equals(BUILD_FLAVOR_SIT)) {
certPath = "ncb_certs_sit";
} else {
certPath = "ncb_certs_uat";
}
String[] list = am.list(certPath);
for (int i = 0; i < list.length; i++) {
certificates.add(certificateFactory.generateCertificate(am.open(certPath + "/" + list[i])));
LogUtils.i(TAG, "private cer name:" + certPath + "/" + list[i]);
}
certPath = "certs";
String[] list_certs = am.list(certPath);
for (int i = 0; i < list_certs.length; i++) {
certificates.add(certificateFactory.generateCertificate(am.open(certPath + "/" + list_certs[i])));
LogUtils.i(TAG, "certs name:" + certPath + "/" + list_certs[i]);
}
return certificates;
} catch (Exception e) {
if (BuildConfig.isLogDebug) {
e.printStackTrace();
}
}
return null;
}
public OkHttpClient.Builder getOkHttpClientBuilderWithCerts(Context context, int connectTimeOut, int readTimeOut, int writeTimeOut) {
OkHttpClient.Builder builder = new OkHttpClient.Builder();
try {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null);
ArrayList<Certificate> localCerts = getCertificatesFromAssets(context);
for (int i = 0; i < localCerts.size(); i++) {
keyStore.setCertificateEntry(CERT_ALIAS + i, localCerts.get(i));
}
SSLContext sslContext = SSLContext.getInstance("TLS");
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
final X509TrustManager trustManager = new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
};
builder.sslSocketFactory(sslSocketFactory, trustManager);
HostnameVerifier hostnameVerifier = new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
builder.hostnameVerifier(hostnameVerifier);
builder.connectTimeout(connectTimeOut, TimeUnit.SECONDS)
.readTimeout(readTimeOut, TimeUnit.SECONDS)
.writeTimeout(writeTimeOut, TimeUnit.SECONDS);
return builder;
} catch (Exception e) {
if (BuildConfig.isLogDebug) {
e.printStackTrace();
}
}
return null;
}
}
2、忽略证书验证
public class OkHttpManager {
public static final String TAG = "OkHttpManager";
public static final String CERT_ALIAS = "NCB";
public static final int CONNECT_TIME_OUT_60 = 60;
public static final int READ_TIME_OUT_60 = 60;
public static final int WRITE_TIME_OUT_60 = 60;
public static final int CONNECT_TIME_OUT_10 = 10;
public static final int READ_TIME_OUT_10 = 10;
public static final int WRITE_TIME_OUT_10 = 10;
private static OkHttpManager instance = null;
private static final Object INSTANCE_LOCK = new Object();
public static OkHttpManager getInstance() {
if (instance == null) {
synchronized (INSTANCE_LOCK) {
if (instance == null) {
instance = new OkHttpManager();
}
}
}
return instance;
}
public OkHttpClient.Builder getOkHttpClientBuilderNoCerts(Context context, int connectTimeOut, int readTimeOut, int writeTimeOut) {
OkHttpClient.Builder builder = new OkHttpClient.Builder();
try {
final X509TrustManager trustManager = new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
X509Certificate[] x509Certificates = new X509Certificate[0];
return x509Certificates;
}
};
SSLContext sslContext = null;
sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, new TrustManager[]{trustManager}, new SecureRandom());
builder.sslSocketFactory(sslContext.getSocketFactory(), trustManager);
HostnameVerifier hostnameVerifier = new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
builder.hostnameVerifier(hostnameVerifier);
builder.connectTimeout(connectTimeOut, TimeUnit.SECONDS)
.readTimeout(readTimeOut, TimeUnit.SECONDS)
.writeTimeout(writeTimeOut, TimeUnit.SECONDS);
return builder;
} catch (Exception e) {
if (BuildConfig.isLogDebug) {
e.printStackTrace();
}
}
return null;
}
}
WebView忽略本身自带证书验证
webView.setWebViewClient(new WebViewClient() {
@Override
public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
if (handler != null) {
handler.proceed();
}
}
});
|