android请求https(二)使用HttpClient 请求https
2015-06-29 22:41
651 查看
上一篇文章已经介绍了如何生成android 可以用的BKS的密匙,如果不会的请看我上一篇文章android请求https(一)生成BKS。
单向验证服务器证书
用于生成HttpClient
import java.io.InputStream;
import java.security.KeyStore;
import org.apache.http.HttpVersion;
import org.apache.http.client.HttpClient;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
import org.apache.http.params.BasicHttpParams;
import org.apache.http.params.CoreConnectionPNames;
import org.apache.http.params.HttpParams;
import org.apache.http.params.HttpProtocolParams;
import org.apache.http.protocol.HTTP;
import android.content.Context;
import android.util.Log;
public class HttpClientEx {
private static final String KEY_STORE_TRUST_PATH = "suma.bks";// 客户端验证服务器端的证书密匙
private static final String KEY_STORE_PASSWORD = "123456";// 客户端证书密码
/**
*
* @param reqTimeOutMs
* 请求超时时间
* @param ackTimeOutMs
* 回复超时时间
* @return
*/
public static HttpClient getNewHttpClient(Context context,
long reqTimeOutMs, long ackTimeOutMs) {
try {
KeyStore trustStore = KeyStore.getInstance("bks");//KeyStore.getDefaultType() 默认JKS
InputStream tsIn = context.getResources().getAssets()
.open(KEY_STORE_TRUST_PATH);
trustStore.load(tsIn, KEY_STORE_PASSWORD.toCharArray());
SSLSocketFactory sf = new SSLSocketFactoryEx(trustStore);
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_0);
HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
// 请求超时
params.setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT,
(int) reqTimeOutMs);
// 读取超时
params.setParameter(CoreConnectionPNames.SO_TIMEOUT,
(int) ackTimeOutMs);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory
.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 8443));
ClientConnectionManager ccm = new ThreadSafeClientConnManager(
params, registry);
return new DefaultHttpClient(ccm, params);
} catch (Exception e) {
Log.d("suma", e.getMessage());
return new DefaultHttpClient();
}
}
}
如果无需验证证书的话,只要把加载密匙代码改为以下就可以了 trustStore.load(null, null);
代码是博主在网上查看资料后调通的,非原创。
生成HttpClient后怎么请求就不需要博主强调了吧,网上很多资料大家可以自己搜索,就和普通的http请求一样,多锻炼下查资料,调通代码的能力是很重要的。
附上一个资料地址内含双向请求验证Android HTTPS SSL双向验证
单向验证服务器证书
用于生成HttpClient
import java.io.InputStream;
import java.security.KeyStore;
import org.apache.http.HttpVersion;
import org.apache.http.client.HttpClient;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
import org.apache.http.params.BasicHttpParams;
import org.apache.http.params.CoreConnectionPNames;
import org.apache.http.params.HttpParams;
import org.apache.http.params.HttpProtocolParams;
import org.apache.http.protocol.HTTP;
import android.content.Context;
import android.util.Log;
public class HttpClientEx {
private static final String KEY_STORE_TRUST_PATH = "suma.bks";// 客户端验证服务器端的证书密匙
private static final String KEY_STORE_PASSWORD = "123456";// 客户端证书密码
/**
*
* @param reqTimeOutMs
* 请求超时时间
* @param ackTimeOutMs
* 回复超时时间
* @return
*/
public static HttpClient getNewHttpClient(Context context,
long reqTimeOutMs, long ackTimeOutMs) {
try {
KeyStore trustStore = KeyStore.getInstance("bks");//KeyStore.getDefaultType() 默认JKS
InputStream tsIn = context.getResources().getAssets()
.open(KEY_STORE_TRUST_PATH);
trustStore.load(tsIn, KEY_STORE_PASSWORD.toCharArray());
SSLSocketFactory sf = new SSLSocketFactoryEx(trustStore);
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_0);
HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
// 请求超时
params.setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT,
(int) reqTimeOutMs);
// 读取超时
params.setParameter(CoreConnectionPNames.SO_TIMEOUT,
(int) ackTimeOutMs);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory
.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 8443));
ClientConnectionManager ccm = new ThreadSafeClientConnManager(
params, registry);
return new DefaultHttpClient(ccm, params);
} catch (Exception e) {
Log.d("suma", e.getMessage());
return new DefaultHttpClient();
}
}
}
如果无需验证证书的话,只要把加载密匙代码改为以下就可以了 trustStore.load(null, null);
import java.io.IOException; import java.net.Socket; import java.net.UnknownHostException; import java.security.KeyManagementException; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.UnrecoverableKeyException; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import org.apache.http.conn.ssl.SSLSocketFactory; public class SSLSocketFactoryEx extends SSLSocketFactory { SSLContext sslContext = SSLContext.getInstance("TLS"); public SSLSocketFactoryEx(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { super(truststore); TrustManager tm = new X509TrustManager() { @Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkClientTrusted( java.security.cert.X509Certificate[] chain, String authType) throws java.security.cert.CertificateException { } @Override public void checkServerTrusted( java.security.cert.X509Certificate[] chain, String authType) throws java.security.cert.CertificateException { } }; sslContext.init(null, new TrustManager[] { tm }, null); } @Override public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException { return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose); } @Override public Socket createSocket() throws IOException { return sslContext.getSocketFactory().createSocket(); } }
代码是博主在网上查看资料后调通的,非原创。
生成HttpClient后怎么请求就不需要博主强调了吧,网上很多资料大家可以自己搜索,就和普通的http请求一样,多锻炼下查资料,调通代码的能力是很重要的。
附上一个资料地址内含双向请求验证Android HTTPS SSL双向验证
相关文章推荐
- 使用C++实现JNI接口需要注意的事项
- Android IPC进程间通讯机制
- Android Manifest 用法
- [转载]Activity中ConfigChanges属性的用法
- Android之获取手机上的图片和视频缩略图thumbnails
- Android之使用Http协议实现文件上传功能
- Android学习笔记(二九):嵌入浏览器
- android string.xml文件中的整型和string型代替
- i-jetty环境搭配与编译
- android之定时器AlarmManager
- android wifi 无线调试
- Android Native 绘图方法
- Android java 与 javascript互访(相互调用)的方法例子
- android 代码实现控件之间的间距
- android FragmentPagerAdapter的“标准”配置
- Android"解决"onTouch和onClick的冲突问题
- android:installLocation简析
- android searchView的关闭事件
- SourceProvider.getJniDirectories