在我的Android应用程序中,我正在使用Volley网络库。我必须在应用程序中为用户提供一个选项,以便如果启用该选项,则在建立网络连接时需要绕过证书验证。如果未启用,则禁用旁路验证编码部分,以便在服务器具有有效证书的情况下建立连接。
有人可以建议我如何动态地在这两个之间切换吗?
我已使用以下代码绕过验证。
/**
* By passing SSL
*/
@SuppressLint("TrulyRandom")
public static void handleSSLHandshake() {
try {
TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
}};
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
} catch (Exception ex ) {
ex.printStackTrace();
}
}
提前感谢。
我已经解决了如下所述的问题。
将默认ssl套接字工厂和默认主机名验证程序的最终对象定义为
// define the default variables for proper certificate validation
private static final SSLSocketFactory defaultSSLSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
private static final HostnameVerifier defaultSSLHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
我已经定义了以下三种方法。
private void setDefaultSettingsForHttpsConnection(){
HttpsURLConnection.setDefaultSSLSocketFactory(defaultSSLSocketFactory);
HttpsURLConnection.setDefaultHostnameVerifier(defaultSSLHostnameVerifier);
}
/**
* By passing SSL
*/
@SuppressLint("TrulyRandom")
private void bypassSSLValidation() {
try {
TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
}};
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
} catch (NoSuchAlgorithmException | KeyManagementException ex ) {
ex.printStackTrace();
} catch(Exception ex){
ex.printStackTrace();
}
}
private void checkAndHandleSSLHandshake(Activity activity){
if(SPUtils.getBoolean(activity, SPUtils.KEY_ALLOW_SELF_SIGNED_PREF)){
bypassSSLValidation();
}else{
setDefaultSettingsForHttpsConnection();
}
}
在将网络请求添加到队列之前,我正在调用checkAndHandleSSLHandshake(context),以便它将为每个请求动态更改设置。