{"id":1288,"date":"2023-03-18T10:15:19","date_gmt":"2023-03-18T02:15:19","guid":{"rendered":"https:\/\/www.appblog.cn\/?p=1288"},"modified":"2023-04-29T09:19:55","modified_gmt":"2023-04-29T01:19:55","slug":"android-https-request-certpathvalidatorexception","status":"publish","type":"post","link":"https:\/\/www.appblog.cn\/index.php\/2023\/03\/18\/android-https-request-certpathvalidatorexception\/","title":{"rendered":"Android HTTPS\u8bf7\u6c42 CertPathValidatorException"},"content":{"rendered":"

\u9519\u8bef\u4fe1\u606f<\/h2>\n

Android\u4f7f\u7528okhttp\u7b49\u5ba2\u6237\u7aef\u8bf7\u6c42https\u65f6\uff0c\u8bc1\u4e66\u5982\u679c\u662f\u7528\u6765\u6d4b\u8bd5\uff08\u4e0d\u53ef\u4fe1\u4efb\uff09\u7684\u4f1a\u62a5\u51fa\u5982\u4e0b\u95ee\u9898\uff1a<\/p>\n

okhttp\u9ed8\u8ba4\u60c5\u51b5\u4e0b\u662f\u652f\u6301https\u534f\u8bae\u7684\uff0c\u4e0d\u8fc7\u8981\u6ce8\u610f\u7684\u662f\uff0c\u652f\u6301https\u7684\u7f51\u7ad9\u5982\u679c\u662fCA\u673a\u6784\u9881\u53d1\u7684\u8bc1\u4e66\uff0c\u9ed8\u8ba4\u60c5\u51b5\u4e0b\u662f\u53ef\u4ee5\u4fe1\u4efb\u7684\uff0c\u5426\u5219\u4e0d\u53ef\u4fe1\u4efb\u3002<\/p>\n

<\/p>\n

javax.net.ssl.SSLHandshakeException:\n    java.security.cert.CertPathValidatorException:\n        Trust anchor for certification path not found.<\/code><\/pre>\n
\u89e3\u51b3\u65b9\u6848<\/h2>\n
\u4ee3\u7406\u95ee\u9898<\/h3>\n
\u5c4f\u853d\u8bc1\u4e66\u9a8c\u8bc1<\/h3>\n
OkHttp\u4e2d\u5ffd\u7565SSL\u9a8c\u8bc1<\/h4>\n
public OKHttpUtil(Context context) {\n    this.context = context;\n    buildType = context.getResources().getString(R.string.buildType);\n    dbManager = new DBManager(context);\n    mOkHttpClient = new OkHttpClient();\n    mOkHttpClient.setSslSocketFactory(createSSLSocketFactory()); \/\/**\u91cd\u70b9**\u5728new OkHttpClient()\u4e0b\u6dfb\u52a0\u6b64\u4ee3\u7801\u8fdb\u884cssl\u7684\u5ffd\u7565\n}\n\nprivate SSLSocketFactory createSSLSocketFactory() {\n    SSLSocketFactory ssfFactory = null;\n    try {\n        mMyTrustManager = new MyTrustManager();\n        SSLContext sc = SSLContext.getInstance("TLS");\n        sc.init(null, new TrustManager[]{mMyTrustManager}, new SecureRandom());\n        ssfFactory = sc.getSocketFactory();\n    } catch (Exception ignored) {\n        ignored.printStackTrace();\n    }\n\n    return ssfFactory;\n}\n\n\/\/\u5b9e\u73b0X509TrustManager\u63a5\u53e3\npublic static class MyTrustManager implements X509TrustManager {\n    @Override\n    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {\n    }\n\n    @Override\n    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {\n    }\n\n    @Override\n    public X509Certificate[] getAcceptedIssuers() {\n        return new X509Certificate[0];\n    }\n}<\/code><\/pre>\n
WebView\u4e2d\u5ffd\u7565SSL\u9a8c\u8bc1<\/h4>\n
webview.setWebViewClient(new WebViewClient() {\n    @Override\n    public void onPageFinished(WebView view, String url) {\n        ptrFrame.refreshComplete();\n    }\n    @Override\n    public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {\n        handler.proceed();\/\/**\u91cd\u70b9**\u63a5\u53d7\u6240\u6709\u8bc1\u4e66\u9a8c\u8bc1\n    }\n});<\/code><\/pre>\n
HttpURLConnection\u4e2d\u5ffd\u7565SSL\u9a8c\u8bc1<\/h4>\n
HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection();\nurlConnection.setRequestMethod("POST");\nurlConnection.setSSLSocketFactory(context.getSocketFactory());\nurlConnection.setHostnameVerifier(new HostnameVerifier() {\n    @Override\n    public boolean verify(String hostname, SSLSession session) {\n            return true;\n        }\n    });<\/code><\/pre>\n
private static InputStream getImageStream(String urlParam) throws Exception {\n    URL url = new URL(urlParam);\n    HttpURLConnection conn = null;\n\n    \/\/**\u5173\u952e\u4ee3\u7801**\n    \/\/ignore https certificate validation |\u5ffd\u7565 https \u8bc1\u4e66\u9a8c\u8bc1\n    if (url.getProtocol().toUpperCase().equals("HTTPS")) {\n        trustAllHosts();\n        HttpsURLConnection https = (HttpsURLConnection) url\n                .openConnection();\n        https.setHostnameVerifier(InternetUtil.DO_NOT_VERIFY);\n        conn = https;\n    } else {\n        conn = (HttpURLConnection) url.openConnection();\n    }\n\n    conn.setConnectTimeout(5 * 1000);\n    conn.setRequestMethod("GET");\n    if (conn.getResponseCode() == HttpURLConnection.HTTP_OK) {\n        return conn.getInputStream();\n    }\n    return null;\n}\n\npublic static void trustAllHosts() {\n    \/\/ Create a trust manager that does not validate certificate chains\n    \/\/ Android use X509 cert\n    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {\n        public java.security.cert.X509Certificate[] getAcceptedIssuers() {\n            return new java.security.cert.X509Certificate[] {};\n        }\n\n        public void checkClientTrusted(X509Certificate[] chain,\n                                       String authType) throws CertificateException {\n        }\n\n        public void checkServerTrusted(X509Certificate[] chain,\n                                       String authType) throws CertificateException {\n        }\n    } };\n\n    \/\/ Install the all-trusting trust manager\n    try {\n        SSLContext sc = SSLContext.getInstance("TLS");\n        sc.init(null, trustAllCerts, new java.security.SecureRandom());\n        HttpsURLConnection\n                .setDefaultSSLSocketFactory(sc.getSocketFactory());\n    } catch (Exception e) {\n        e.printStackTrace();\n    }\n}\n\npublic final static HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {\n    public boolean verify(String hostname, SSLSession session) {\n        return true;\n    }\n};<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
\u9519\u8bef\u4fe1\u606f Android\u4f7f\u7528okhttp\u7b49\u5ba2\u6237\u7aef\u8bf7\u6c42https\u65f6\uff0c\u8bc1\u4e66\u5982\u679c\u662f\u7528\u6765\u6d4b\u8bd5\uff08\u4e0d\u53ef\u4fe1\u4efb\uff09\u7684\u4f1a\u62a5\u51fa\u5982\u4e0b\u95ee […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[311],"tags":[323],"class_list":["post-1288","post","type-post","status-publish","format-standard","hentry","category-android-advance","tag-https"],"_links":{"self":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/1288","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/comments?post=1288"}],"version-history":[{"count":0,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/1288\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/media?parent=1288"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/categories?post=1288"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/tags?post=1288"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}