【问题标题】:How to pass unsafe HttpClient to Volley request in Android如何在 Android 中将不安全的 HttpClient 传递给 Volley 请求
【发布时间】:2020-01-29 09:38:35
【问题描述】:

我正在使用 Android 应用程序开发,并且我的应用程序包含用于进行 API 调用的 Volley 库,但我面临着 SSL 的挑战:我在代码中使用的 url 的自签名证书问题。但它通过传递“不安全的HttpClient”在另一个带有Retrofit库的项目中工作,所以请告诉我如何解决这个问题或者如何将“不安全的HttpClient”传递给Volley以进行API调用。

【问题讨论】:

  • 你好@Suresh。我假设您的应用程序运行良好,并且您在 Logcat 中收到警告。还是您的应用程序根本不工作?
  • 我的应用程序根本无法运行,这是我遇到的错误。 javax.net.ssl.SSLHandshakeException:java.security.cert.CertPathValidatorException:找不到证书路径的信任锚。

标签: android retrofit android-volley retrofit2 httpclient


【解决方案1】:

尝试在应用程序标记中将其添加到您的 AndoidManifest.xml 中:-

 <uses-library
        android:name="org.apache.http.legacy"
        android:required="false" />

【讨论】:

    【解决方案2】:

    我发现它对我有用,请让我知道这里有什么问题。这是拨打电话需要添加的代码。

    final String url = "YOUR URL";
        RequestQueue queue = Volley.newRequestQueue(this, getHttpStack(url));
        // prepare the Request
        JsonObjectRequest getRequest = new JsonObjectRequest(Request.Method.GET, url, null,
                new Response.Listener<JSONObject>() {
                    @Override
                    public void onResponse(JSONObject response) {
                        // display response
                        Log.e("test", "Response" + response.toString());
                    }
                },
                new Response.ErrorListener() {
                    @Override
                    public void onErrorResponse(VolleyError error) {
                        Log.e("test", "Error.Response: " + error.getMessage());
                    }
                }
        );
    
        queue.add(getRequest);
    

    这里是方法,需要在代码中添加。

    private HurlStack getHttpStack(String urlToValidate) {
        URL url = null;
        try {
            url = new URL(urlToValidate);
        } catch (MalformedURLException e) {
            e.printStackTrace();
        }
        final String baseUrl = url.getAuthority();
        return new HurlStack() {
            @Override
            protected HttpURLConnection createConnection(final java.net.URL url)
                    throws IOException {
                HttpsURLConnection httpsURLConnection = (HttpsURLConnection) super
                        .createConnection(url);
                try {
                    httpsURLConnection
                            .setSSLSocketFactory(handleSSLHandshake(httpsURLConnection));
                    httpsURLConnection.setHostnameVerifier(new HostnameVerifier() {
                        @Override
                        public boolean verify(String hostname, SSLSession session) {
                            //return true;
                            HostnameVerifier hv =
                                    HttpsURLConnection.getDefaultHostnameVerifier();
                            return hv.verify(baseUrl, session);
                        }
                    });
                } catch (Exception e) {
                    e.printStackTrace();
                }
                return httpsURLConnection;
            }
        };
    }
    
    @SuppressLint("TrulyRandom")
    public static SSLSocketFactory handleSSLHandshake(HttpsURLConnection connection) {
        try {
            TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
    
                @Override
                public void checkClientTrusted(X509Certificate[] certs, String authType) {
                }
    
                @Override
                public void checkServerTrusted(X509Certificate[] certs, String authType) {
                }
            }};
    
            SSLContext sc = SSLContext.getInstance("SSL");
            sc.init(null, trustAllCerts, new SecureRandom());
            HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
            HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
                @Override
                public boolean verify(String arg0, SSLSession arg1) {
                    Log.e("test", "RETURN TRUE: ");
                    return true;
                }
            });
            sc.init(null, trustAllCerts, new java.security.SecureRandom());
            SSLSocketFactory newFactory = sc.getSocketFactory();
            connection.setSSLSocketFactory(newFactory);
        } catch (Exception ignored) {
        }
    
        return connection.getSSLSocketFactory();
    
    }
    

    【讨论】:

      猜你喜欢
      • 2016-02-03
      • 1970-01-01
      • 2020-05-17
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2018-07-02
      • 1970-01-01
      相关资源
      最近更新 更多