Java 使用 HttpsURLConnection 忽略 ssl 证书的方法
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/33084855/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
way to Ignore ssl certificate using HttpsURLConnection
提问by androidAhmed
I use two approaches to try to consumes HTTPS URL:
我使用两种方法来尝试使用 HTTPS URL:
The old deprecated and return response with the right values.
旧的已弃用并返回具有正确值的响应。
Here is the code it didn't need ignore ssl certificate it ignore it by itself or may use other technique:
这是它不需要忽略ssl证书的代码,它自己忽略它或可能使用其他技术:
public String newApiPost(String url,String p1,String p2,String p3){
HttpClient httpClient = new DefaultHttpClient();
// replace with your url
HttpPost httpPost = new HttpPost(url);
//Post Data
List<NameValuePair> nameValuePair = new ArrayList<NameValuePair>
();
nameValuePair.add(new BasicNameValuePair("cliend_id",p1));
nameValuePair.add(new BasicNameValuePair("client_secret", p2));
nameValuePair.add(new BasicNameValuePair("key",p3));
//Encoding POST data
try {
httpPost.setEntity(new UrlEncodedFormEntity(nameValuePair));
} catch (UnsupportedEncodingException e) {
// log exception
e.printStackTrace();
}
//making POST request.
try {
HttpResponse response = httpClient.execute(httpPost);
HttpEntity httpEntity = response.getEntity();
String result = EntityUtils.toString(httpEntity,
HTTP.UTF_8);
Log.d("response", result);
// write response to log
Log.d("zzuu", result.toString());
} catch (ClientProtocolException e) {
// Log exception
e.printStackTrace();
} catch (IOException e) {
// Log exception
e.printStackTrace();
Log.d("dddfg", e.toString());
}catch (Exception e){
Log.d("dddfg", e.toString());
}
return "";
}
Then I used un-deprecated method HttpsUrlConnections which need ignore ssl certificate I use many way but didn't work:
然后我使用了不推荐使用的方法 HttpsUrlConnections ,它需要忽略 ssl 证书我使用了很多方法但没有用:
public void sendNew (String urls,String paramValue1,String
paramValue2,String paramValue3){
URL url = null;
BufferedReader reader = null;
StringBuilder stringBuilder;
String data="";
try {
url = new URL(urls);
HttpsURLConnection conn = (HttpsURLConnection)
url.openConnection();
conn.setReadTimeout(10000);
conn.setConnectTimeout(15000);
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type", "application/x-www-form-
urlencoded");
conn.setRequestProperty("charset", "utf-8");
conn.setDoInput(true);
conn.setDoOutput(true);
Uri.Builder builder = new Uri.Builder()
.appendQueryParameter("cliend_id", paramValue1)
.appendQueryParameter("client_secret", paramValue2)
.appendQueryParameter("apikey", paramValue3);
String query = builder.build().getEncodedQuery();
OutputStream os = conn.getOutputStream();
BufferedWriter writer = new BufferedWriter(
new OutputStreamWriter(os, "UTF-8"));
writer.write(query);
writer.flush();
writer.close();
os.close();
conn.connect();
reader = new BufferedReader(new
InputStreamReader(conn.getErrorStream()));
stringBuilder = new StringBuilder();
String line = null;
while ((line = reader.readLine()) != null)
{
stringBuilder.append(line + "\n");
}
data= stringBuilder.toString();
Log.d("zzuu", data);
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (ProtocolException e) {
e.printStackTrace();
Log.d("dddfg", e.toString());
} catch (IOException e) {
e.printStackTrace();
Log.d("dddfg", e.toString());
}catch (Exception e){
Log.d("dddfg", e.toString());
}
}
It responds with this error:
它响应此错误:
10-12 17:06:06.135 16052-16075/ W/System.err﹕ java.io.IOException: Hostname 'xxxxxxxx' was not verified
10-12 17:06:06.139 16052-16075/ W/System.err﹕ at libcore.net.http.HttpConnection.verifySecureSocketHostname(HttpConnection.java:223)
10-12 17:06:06.139 16052-16075/ W/System.err﹕ at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:446)
10-12 17:06:06.139 16052-16075/ W/System.err﹕ at libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:290)
10-12 17:06:06.170 16052-16075/ W/System.err﹕ at libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:240)
10-12 17:06:06.171 16052-16075/ W/System.err﹕ at libcore.net.http.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:292)
10-12 17:06:06.175 16052-16075/ W/System.err﹕ at libcore.net.http.HttpURLConnectionImpl.getInputStream(HttpURLConnectionImpl.java:185)
10-12 17:06:06.175 16052-16075/ W/System.err﹕ at libcore.net.http.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:271)
10-12 17:06:06.176 16052-16075/ W/System.err﹕ at ubicall.sand.ubicall.helper.JSONParser.method(JSONParser.java:422)
10-12 17:06:06.177 16052-16075/ W/System.err﹕ at ubicall.sand.ubicall.activity.SplashActivity$Access.doInBackground(SplashActivity.java:111)
10-12 17:06:06.177 16052-16075/ W/System.err﹕ at ubicall.sand.ubicall.activity.SplashActivity$Access.doInBackground(SplashActivity.java:106)
10-12 17:06:06.177 16052-16075/ W/System.err﹕ at android.os.AsyncTask.call(AsyncTask.java:287)
I didn't understand when problem exactly it work good in restclient and postman the data send in body of url using post method then I discover that I need ignore ssl certificate when using HttpsURLConnection but I try many way to ignore but didn't work
我不明白什么时候问题在restclient和邮递员中运行良好,使用post方法在url正文中发送数据然后我发现我在使用HttpsURLConnection时需要忽略ssl证书但我尝试了很多方法来忽略但没有用
I use
private void trustEveryone() {
try {
HttpsURLConnection.setDefaultHostnameVerifier(new
HostnameVerifier(){
public boolean verify(String hostname, SSLSession session)
{
return true;
}});
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, new X509TrustManager[]{new
X509TrustManager(){
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws
CertificateException {}
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws
CertificateException {}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}}}, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(
context.getSocketFactory());
} catch (Exception e) { // should never happen
e.printStackTrace();
}
}
采纳答案by BNK
From your logcat information, I think you should read the following links:
从您的 logcat 信息中,我认为您应该阅读以下链接:
It is to be used during a handshake if the URL's hostname does not match the peer's identification hostname.
Common Problems with Hostname Verification
One reason this can happen is due to a server configuration error. The server is configured with a certificate that does not have a subject or subject alternative name fields that match the server you are trying to reach...
如果 URL 的主机名与对等方的标识主机名不匹配,它将在握手期间使用。
发生这种情况的原因之一是服务器配置错误。服务器配置的证书没有与您尝试访问的服务器匹配的主题或主题备用名称字段...
Then, you can refer to my answer to the following question:
那么,您可以参考我对以下问题的回答:
EDIT:Relating to your idea 'ignore ssl', you can try the following (however, it's said that this is not recommended):
编辑:关于您的想法“忽略 ssl”,您可以尝试以下操作(但是,据说不推荐这样做):
public class HttpsTrustManager implements X509TrustManager {
private static TrustManager[] trustManagers;
private static final X509Certificate[] _AcceptedIssuers = new X509Certificate[]{};
@Override
public void checkClientTrusted(
X509Certificate[] x509Certificates, String s)
throws java.security.cert.CertificateException {
}
@Override
public void checkServerTrusted(
X509Certificate[] x509Certificates, String s)
throws java.security.cert.CertificateException {
}
public boolean isClientTrusted(X509Certificate[] chain) {
return true;
}
public boolean isServerTrusted(X509Certificate[] chain) {
return true;
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return _AcceptedIssuers;
}
public static void allowAllSSL() {
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
SSLContext context = null;
if (trustManagers == null) {
trustManagers = new TrustManager[]{new HttpsTrustManager()};
}
try {
context = SSLContext.getInstance("TLS");
context.init(null, trustManagers, new SecureRandom());
} catch (NoSuchAlgorithmException | KeyManagementException e) {
e.printStackTrace();
}
HttpsURLConnection.setDefaultSSLSocketFactory(context != null ? context.getSocketFactory() : null);
}
}
Then, in your activity, call HttpsTrustManager.allowAllSSL();
然后,在您的活动中,调用 HttpsTrustManager.allowAllSSL();
