\u5e38\u89c4https\u6293\u5305\u65b9\u6848\u4fbf\u662f\u901a\u8fc7\u5185\u7f6e\u4ee3\u7406\u8bc1\u4e66\u6765\u8fdb\u884c\u6293\u5305\u7684\u3002<\/p>\n
<\/p>\n
\u6d4f\u89c8\u5668\u5bfc\u51fa\u8bc1\u4e66\uff1a\u9009\u62e9 CustomTrust.java<\/p>\n OKHttp3\u4e2d\u5f15\u5165\u8bc1\u4e66\u5f3a\u6821\u9a8c\u7684\u6838\u5fc3\u4ee3\u7801<\/p>\n Android HTTPS\u6293\u5305 \u5e38\u89c4https\u6293\u5305\u65b9\u6848\u4fbf\u662f\u901a\u8fc7\u5185\u7f6e\u4ee3\u7406\u8bc1\u4e66\u6765\u8fdb\u884c\u6293\u5305\u7684\u3002 \u5176\u4e2d\u57287.0\u4ee5\u4e0b\uff0c\u5982 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[311],"tags":[407],"class_list":["post-1634","post","type-post","status-publish","format-standard","hentry","category-android-advance","tag-407"],"_links":{"self":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/1634","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/comments?post=1634"}],"version-history":[{"count":0,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/1634\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/media?parent=1634"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/categories?post=1634"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/tags?post=1634"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Base64 \u7f16\u7801X.509(.CER)(S)<\/code><\/p>\nimport java.io.IOException;\nimport java.io.InputStream;\nimport java.security.GeneralSecurityException;\nimport java.security.KeyStore;\nimport java.security.cert.Certificate;\nimport java.security.cert.CertificateFactory;\nimport java.util.Arrays;\nimport java.util.Collection;\n\nimport javax.net.ssl.KeyManagerFactory;\nimport javax.net.ssl.TrustManager;\nimport javax.net.ssl.TrustManagerFactory;\nimport javax.net.ssl.X509TrustManager;\n\nimport okhttp3.CertificatePinner;\nimport okio.Buffer;\n\npublic class CustomTrust {\n\n public static InputStream trustedCertificatesInputStream() {\n String comodoRsaCertificationAuthority = "-----BEGIN CERTIFICATE-----\\n" +\n "MIIJrzCCCJegAwIBAgIMLO4ZPBiCeOo+Q3VzMA0GCSqGSIb3DQEBCwUAMGYxCzAJ\\n" +\n "BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNH\\n" +\n ...\n "nRBHS8ITYjTG0Dw5CTklj\/6i9PP735snPfzQKOht3N0X0x8=\\n" +\n "-----END CERTIFICATE-----\\n";\n String entrustRootCertificateAuthority = "";\n return new Buffer()\n .writeUtf8(comodoRsaCertificationAuthority)\n .writeUtf8(entrustRootCertificateAuthority)\n .inputStream();\n }\n\n public static X509TrustManager trustManagerForCertificates(InputStream in) throws GeneralSecurityException {\n CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");\n Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(in);\n if (certificates.isEmpty()) {\n throw new IllegalArgumentException("expected non-empty set of trusted certificates");\n }\n\n \/\/ Put the certificates a key store.\n char[] password = "password".toCharArray(); \/\/ Any password will work.\n KeyStore keyStore = newEmptyKeyStore(password);\n int index = 0;\n for (Certificate certificate : certificates) {\n String certificateAlias = Integer.toString(index++);\n keyStore.setCertificateEntry(certificateAlias, certificate);\n }\n\n \/\/ Use it to build an X509 trust manager.\n KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());\n keyManagerFactory.init(keyStore, password);\n TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());\n trustManagerFactory.init(keyStore);\n TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();\n if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {\n throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));\n }\n return (X509TrustManager) trustManagers[0];\n }\n\n private static KeyStore newEmptyKeyStore(char[] password) throws GeneralSecurityException {\n try {\n KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());\n InputStream in = null; \/\/ By convention, 'null' creates an empty key store.\n keyStore.load(in, password);\n return keyStore;\n } catch (IOException e) {\n throw new AssertionError(e);\n }\n }\n}<\/code><\/pre>\nX509TrustManager trustManager;\nSSLSocketFactory sslSocketFactory;\ntry {\n trustManager = CustomTrust.trustManagerForCertificates(CustomTrust.trustedCertificatesInputStream());\n SSLContext sslContext = SSLContext.getInstance("TLS");\n sslContext.init(null, new TrustManager[]{trustManager}, null);\n sslSocketFactory = sslContext.getSocketFactory();\n} catch (GeneralSecurityException e) {\n}\n\nmClient = new OkHttpClient().newBuilder()\n .retryOnConnectionFailure(true)\n .writeTimeout(TIMEOUT, TimeUnit.SECONDS)\n .connectTimeout(TIMEOUT, TimeUnit.SECONDS)\n .readTimeout(TIMEOUT, TimeUnit.SECONDS)\n .sslSocketFactory(sslSocketFactory, trustManager)\n .build();<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"