我需要從https服務器通過我的Android應用程序檢索數據。 我得到的服務器證書,動態是這樣的:我需要在Android java中使用https的私人證書
KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
store.load(null);
URLConnection uc = new URL("https://duckduckgo.com/").openConnection();
uc.connect();
Certificate certs[] = ((HttpsURLConnection) uc).getServerCertificates();
for (int i = 0; i < certs.length; i++) store.setCertificateEntry("cert_"+ i, certs[i]);
((HttpsURLConnection) uc).disconnect();
我有一個自定義的HttpClient:
public class MyHttpClient extends DefaultHttpClient {
final KeyStore store;
public MyHttpClient(KeyStore store) {
this.store = store;
}
@Override
protected ClientConnectionManager createClientConnectionManager() {
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory
.getSocketFactory(), 80));
registry.register(new Scheme("https", newSslSocketFactory(), 443));
return new SingleClientConnManager(getParams(), registry);
}
private SSLSocketFactory newSslSocketFactory() {
try {
return new SSLSocketFactory(store);
} catch (Exception e) {
throw new AssertionError(e);
}
}
}
,並檢索數據形成這樣的服務器:
HttpEntity responseEntity;
URI url = new URI("https://duckduckgo.com/?q=android+java");
HttpGet httpGet = new HttpGet(url);
HttpClient client = new MyHttpClient(store);
httpGet.addHeader("Content-Type", "text/xml");
HttpConnectionParams.setConnectionTimeout(client.getParams(), 15000);
HttpResponse getResponse = client.execute(httpGet);
是一切,我送並接收加密?
我在想也許我必須提供服務器與我的公鑰?
有沒有這樣的事情作爲'私人證書'。獲取服務器證書並將其存儲到信任庫中將不起作用,除非它們已經信任,即存在於信任庫中,該信任庫是循環的。不清楚你在問什麼。 – EJP 2017-03-20 09:11:36