1. webview SSL 验证
@Override
public void onReceivedSslError(WebView view, SslErrorHandler handler,
SslError error) {
super.onReceivedSslError(view, handler, error);
//handler.cancel(); 默认的处理方式,WebView变成空白页
//handleMessage(Message msg); 其他处理
handler.proceed();
}
2. httpclient SSL 验证
private static HttpClient getNewHttpClient() {
// return an HttpClient configured to accept All SSL Certificates
try {
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory
.getSocketFactory(), 80));
registry.register(new Scheme("https", MySslSocketFactory
.getSSLSocketFactory(), 443));
ClientConnectionManager ccm = new ThreadSafeClientConnManager(
params, registry);
// HttpClient httpClient = new
// org.apache.http.impl.client.ContentEncodingHttpClient(ccm,
// params); // throws EOFException in 4.1.1 (fixed in 4.1.2 ?)
DefaultHttpClient httpClient = new DefaultHttpClient(ccm, params);
// httpClient.addResponseInterceptor(new
// GzipHttpResponseInterceptor());
return httpClient;
} catch (IOException e) {
AppUtils.LogD("Couldnt set up SSL properly");
return new DefaultHttpClient();
}
}
其中 类MySslSocketFactory
import java.io.IOException;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLSocketFactory;
public class MySslSocketFactory extends SSLSocketFactory
{
private static MySslSocketFactory instance;
private final SSLContext sslContext = SSLContext.getInstance("TLS");
public static MySslSocketFactory getSSLSocketFactory() throws IOException
{
if (instance == null)
{
try
{
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
trustStore.load(null, null);
instance = new MySslSocketFactory(trustStore);
instance.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
}
catch (CertificateException e)
{
throw new IOException("Couldnt set up SSL properly", e);
}
catch (KeyStoreException e)
{
throw new IOException("Couldnt set up SSL properly", e);
}
catch (NoSuchAlgorithmException e)
{
throw new IOException("Couldnt set up SSL properly", e);
}
catch (KeyManagementException e)
{
throw new IOException("Couldnt set up SSL properly", e);
}
catch (UnrecoverableKeyException e)
{
throw new IOException("Couldnt set up SSL properly", e);
}
}
return instance;
}
private MySslSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
{
super(truststore);
TrustManager tm = new X509TrustManager()
{
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException
{
// accept
}
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException
{
// accept
}
public X509Certificate[] getAcceptedIssuers()
{
return null;
}
};
sslContext.init(null, new TrustManager[] { tm }, null);
}
@Override
public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException
{
return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose);
}
@Override
public Socket createSocket() throws IOException
{
return sslContext.getSocketFactory().createSocket();
}
}