Glide\u52a0\u8f7dhttps\u56fe\u7247\uff1ahttps:\/\/futurestud.io\/tutorials\/glide-module-example-accepting-self-signed-https-certificates#0<\/a><\/p>\n Android 5.0\u4ee5\u4e0bGlide\u52a0\u8f7dhttps\u56fe\u7247\u62a5\u9519\uff1a<\/p>\n <\/p>\n https\u5355\u5411\u8ba4\u8bc1\u95ee\u9898\u3002Android 4.4\u6ca1\u6709\u542f\u7528TLSv1.1 \u548c TLSv1.2 \u4f20\u8f93\u5c42\u5b89\u5168\u534f\u8bae\uff1ahttps:\/\/developer.android.com\/reference\/javax\/net\/ssl\/SSLSocket<\/a><\/p>\n \u53ef\u4ee5\u770b\u51fa\u867d\u7136Android 16\u5c31\u5df2\u7ecf\u652f\u6301TLS1.1\u548cTLS1.2\uff0c\u4f46\u662f\u9ed8\u8ba4\u5e76\u6ca1\u6709\u5f00\u542f\uff0cAPI 20\u624d\u9ed8\u8ba4\u5f00\u542f<\/p>\n \u95ee\u9898\u63cf\u8ff0 Glide\u52a0\u8f7dhttps\u56fe\u7247\uff1ahttps:\/\/futurestud.io\/tutorials\/gli […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[206],"tags":[],"class_list":["post-1257","post","type-post","status-publish","format-standard","hentry","category-android-image-loader"],"_links":{"self":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/1257","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/comments?post=1257"}],"version-history":[{"count":0,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/1257\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/media?parent=1257"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/categories?post=1257"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/tags?post=1257"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}class com.bumptech.glide.load.engine.GlideException: Failed to load resource\n There were 2 causes:\n javax.net.ssl.SSLHandshakeException(javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x5dbb9b40: Failure in SSL library, usually a protocol error\n error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external\/openssl\/ssl\/s23_clnt.c:741 0x59da6890:0x00000000))<\/code><\/pre>\n\u95ee\u9898\u539f\u56e0<\/h2>\n
\n\n
\n \nProtocol<\/th>\n Supported (API Levels)<\/th>\n Enabled by default (API Levels)<\/th>\n<\/tr>\n<\/thead>\n \n SSLv3<\/td>\n 1\u201325<\/td>\n 1\u201322<\/td>\n<\/tr>\n \n TLSv1<\/td>\n 1+<\/td>\n 1+<\/td>\n<\/tr>\n \n TLSv1.1<\/td>\n 16+<\/td>\n 20+<\/td>\n<\/tr>\n \n TLSv1.2<\/td>\n 16+<\/td>\n 20+<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \u95ee\u9898\u89e3\u51b3<\/h2>\n
\u4e3a\u8bf7\u6c42\u7684\u7f51\u7edc\u5ba2\u6237\u7aef\u8bbe\u7f6e\u4e00\u4e2a\u7279\u6b8a\u7684SSLSocketFactory<\/h3>\n
public class Tls12SocketFactory extends SSLSocketFactory {\n private static final String[] TLS_SUPPORT_VERSION = {"TLSv1.1", "TLSv1.2"};\n\n final SSLSocketFactory delegate;\n\n public Tls12SocketFactory(SSLSocketFactory base) {\n this.delegate = base;\n }\n\n @Override\n public String[] getDefaultCipherSuites() {\n return delegate.getDefaultCipherSuites();\n }\n\n @Override\n public String[] getSupportedCipherSuites() {\n return delegate.getSupportedCipherSuites();\n }\n\n @Override\n public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {\n return patch(delegate.createSocket(s, host, port, autoClose));\n }\n\n @Override\n public Socket createSocket(String host, int port) throws IOException, UnknownHostException {\n return patch(delegate.createSocket(host, port));\n }\n\n @Override\n public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException {\n return patch(delegate.createSocket(host, port, localHost, localPort));\n }\n\n @Override\n public Socket createSocket(InetAddress host, int port) throws IOException {\n return patch(delegate.createSocket(host, port));\n }\n\n @Override\n public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {\n return patch(delegate.createSocket(address, port, localAddress, localPort));\n }\n\n private Socket patch(Socket s) {\n if (s instanceof SSLSocket) {\n ((SSLSocket) s).setEnabledProtocols(TLS_SUPPORT_VERSION);\n }\n return s;\n }\n}<\/code><\/pre>\n\u8bbe\u7f6eOkHttpClient<\/h3>\n
public class SSLHelper {\n\n private static X509TrustManager getDefaultTrustManager() {\n try {\n TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(\n TrustManagerFactory.getDefaultAlgorithm());\n trustManagerFactory.init((KeyStore) null);\n TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();\n if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {\n throw new IllegalStateException("Unexpected default trust managers:"\n + Arrays.toString(trustManagers));\n }\n return (X509TrustManager) trustManagers[0];\n } catch (GeneralSecurityException e) {\n throw new AssertionError(); \/\/ The system has no TLS. Just give up.\n }\n }\n\n private static TrustManager[] getTrustManagers(InputStream... certificates) {\n if (certificates == null || certificates.length <= 0) return null;\n try {\n \/\/\u6784\u9020CertificateFactory\u5bf9\u8c61\n CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");\n KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());\n keyStore.load(null);\n int index = 0;\n for (InputStream certificate : certificates) {\n String certificateAlias = Integer.toString(index++);\n \/\/\u5f97\u5230Certificate\u5e76\u653e\u5165\u5230keyStore\u4e2d\n keyStore.setCertificateEntry(certificateAlias, certificateFactory.generateCertificate(certificate));\n try {\n if (certificate != null)\n certificate.close();\n } catch (IOException e) {\n }\n }\n \/\/\u5229\u7528keyStore\u521d\u59cb\u5316TrustManagerFactory\n TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());\n trustManagerFactory.init(keyStore);\n TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();\n return trustManagers;\n } catch (NoSuchAlgorithmException e) {\n e.printStackTrace();\n } catch (CertificateException e) {\n e.printStackTrace();\n } catch (KeyStoreException e) {\n e.printStackTrace();\n } catch (Exception e) {\n e.printStackTrace();\n }\n return null;\n }\n\n public static OkHttpClient.Builder enableTls12OnPreLollipop(OkHttpClient.Builder client, InputStream... certificates) {\n if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN && Build.VERSION.SDK_INT < Build.VERSION_CODES.LOLLIPOP) {\n Tls12SocketFactory socketFactory = null;\n TrustManager[] trustManagers = null;\n try {\n trustManagers = getTrustManagers(certificates);\n SSLContext sslContext = SSLContext.getInstance("TLS");\n sslContext.init(null, trustManagers, null);\n socketFactory = new Tls12SocketFactory(sslContext.getSocketFactory());\n client.sslSocketFactory(socketFactory, (X509TrustManager) trustManagers[0]);\n } catch (Exception e) {\n Log.e("yezhou", "Error while setting TLS", e);\n if (trustManagers != null) {\n try {\n SSLContext sc = SSLContext.getInstance("TLSv1.2");\n sc.init(null, trustManagers, null);\n socketFactory = new Tls12SocketFactory(sc.getSocketFactory());\n client.sslSocketFactory(socketFactory, (X509TrustManager) trustManagers[0]);\n } catch (Exception e12) {\n Log.e("yezhou", "Error while setting TLS 1.2", e12);\n }\n }\n }\n\n ConnectionSpec cs = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)\n .tlsVersions(TlsVersion.TLS_1_2)\n .build();\n\n List<ConnectionSpec> specs = new ArrayList<>();\n specs.add(cs);\n specs.add(ConnectionSpec.COMPATIBLE_TLS);\n specs.add(ConnectionSpec.CLEARTEXT);\n\n client.connectionSpecs(specs);\n }\n return client;\n }\n}<\/code><\/pre>\n\u8bbe\u7f6eAppGlideModule<\/h3>\n
@GlideModule\npublic final class MyAppGlideModule extends AppGlideModule {\n\n @Override\n public void registerComponents(@NonNull Context context, @NonNull Glide glide, @NonNull Registry registry) {\n Log.i("yezhou", "MyAppGlideModule.registerComponents: " + Build.VERSION.SDK_INT);\n if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN && Build.VERSION.SDK_INT < Build.VERSION_CODES.LOLLIPOP) {\n OkHttpClient.Builder clientBuilder = new OkHttpClient.Builder()\n .followRedirects(true)\n .followSslRedirects(true)\n .retryOnConnectionFailure(true)\n .cache(null)\n .connectTimeout(10, TimeUnit.SECONDS)\n .writeTimeout(10, TimeUnit.SECONDS)\n .readTimeout(10, TimeUnit.SECONDS);\n InputStream is = null;\n try {\n is = context.getAssets().open("appblog.cer");\n } catch (IOException e) {\n e.printStackTrace();\n }\n ModelLoaderFactory factory = new OkHttpUrlLoader.Factory(SSLHelper.enableTls12OnPreLollipop(clientBuilder, is).build());\n\n registry.replace(GlideUrl.class, InputStream.class, factory);\n }\n }\n\n}<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"