Android DefaultHttpClient 接受 SSL 会话帮助的所有证书
我正在尝试使用 Android 设备上的 apache DefaultHttpClient 连接到本地 HTTPS 服务器。
DefaultHttpClient httpclient = new DefaultHttpClient();
HttpPost httppost = new HttpPost("http://192.168.1.121:4113/services");
... header and content filling in ...
HttpResponse response = httpclient.execute(httppost);
.execute 运行时出现“javax.net.ssl SSLException:不受信任的服务器证书”错误。我只想允许任何证书工作,无论它是否在 android 钥匙链中。
我花了大约 40 个小时研究并试图找到解决此问题的方法。我见过很多关于如何做到这一点的例子,但到目前为止还没有一个在 Android 上有效。他们似乎只适用于JAVA。有谁知道如何配置或覆盖 Android 中 Apache HttpClient 使用的证书验证,以便它只批准 DefaultHttpClient 连接的所有证书?
我感谢你的善意回复
I am attempting to connect to a local HTTPS server using the apache DefaultHttpClient on a Android device.
DefaultHttpClient httpclient = new DefaultHttpClient();
HttpPost httppost = new HttpPost("http://192.168.1.121:4113/services");
... header and content filling in ...
HttpResponse response = httpclient.execute(httppost);
I am getting an error of "javax.net.ssl SSLException: Not trusted server certificate" when the .execute runs. I want to simply allow any certificate to work, regardless of if it is or is not in the android key chain.
I have spent about 40 hours researching and trying to figure out a workaround for this issue. I have seen many examples of how to do this but none so far have worked in Android; they seem to only work for JAVA. Does anyone know how to configure, or override the certificate validation used by the Apache HttpClient in Android so that it will just approve all certificates for a DefaultHttpClient connection?
I thank you for your kind response
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
如果有人仍在试图解决这个问题,我最终会在这里找到解决方案:
使用 Android 和自签名服务器证书的 HTTPS GET (SSL)
向下滚动到 SimonJ 的解决方案。这是解决此问题的简单直接的解决方案。
If anyone is still trying to figure this out I ended up going with the solution here:
HTTPS GET (SSL) with Android and self-signed server certificate
Scroll down to the solution by SimonJ. It is a simple straight forward solution to this problem.
查看本教程 http://blog.antoine。 li/index.php/2010/10/android-trusting-ssl-certificates/
该教程基于 Apache 的 HttpClient,并解释了如何使用 SSLSocketFactory 来信任您自己的密钥库中定义的证书(还解释了如何可以使用 BouncyCastle 提供商创建它)。
我已经测试过了,效果很好。在我看来,这是安全的方式。
Look at this tutorial http://blog.antoine.li/index.php/2010/10/android-trusting-ssl-certificates/
The tutorial is based on Apache's HttpClient and explains how to use the SSLSocketFactory to trust the defined certificates in your own keystore (also explained how you can create it with the BouncyCastle provider).
I've tested it and it works great. In my opinion this is the secure way.