证书获取
1. 从网页获取
在chrome浏览器打开服务地址,Ctrl+Shift+I
打开开发者工具,选择Security->View certificate
下载证书;
2. 找网站开发者(后台)要☺
保存证书文件到assets目录下
设置证书,并信任所有证书
OkHttpClient.Builder builder = new OkHttpClient.Builder();
try {
//设置证书
setCertificates(builder, Utils.getApp().getAssets().open(BuildConfig.HTTPS_FILENAME));
//信任所有证书
builder.hostnameVerifier((hostname, session) -> true);
} catch (Exception e) {
e.printStackTrace();
}
获取证书代码
* 通过okhttpClient来设置证书
*
* @param clientBuilder OKhttpClient.builder
* @param certificates 读取证书的InputStream
*/
private static void setCertificates(OkHttpClient.Builder clientBuilder, InputStream... certificates) {
try {
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null);
int index = 0;
for (InputStream certificate : certificates) {
String certificateAlias = Integer.toString(index++);
keyStore.setCertificateEntry(certificateAlias, certificateFactory
.generateCertificate(certificate));
try {
if (certificate != null)
certificate.close();
} catch (IOException e) {
e.printStackTrace();
}
}
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
throw new IllegalStateException("Unexpected default trust managers:"
+ Arrays.toString(trustManagers));
}
X509TrustManager trustManager = (X509TrustManager) trustManagers[0];
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
clientBuilder.sslSocketFactory(sslSocketFactory, trustManager);
} catch (Exception e) {
e.printStackTrace();
}
}