2012-01-01 129 views
1

我試圖讓DefaultHttpClient()與過期的SSL證書一起使用。如何使用Apache客戶端接受過期的ssl證書?

Android API 2.2 

因爲這條線的它不會編譯:

SSLSocketFactory的SF =新的SSLSocketFactory(的SSLContext);

錯誤:The constructor SSLSocketFactory(SSLContext)未定義

我在做什麼錯?

import javax.net.ssl.SSLContext; 
    import javax.net.ssl.TrustManager; 
    import javax.net.ssl.X509TrustManager; 
    import org.apache.http.conn.ssl.SSLSocketFactory; 
    {...} 

     SSLContext sslContext = SSLContext.getInstance("SSL"); 

     // set up a TrustManager that trusts everything 
     sslContext.init(null, new TrustManager[] { new X509TrustManager() { 
        public X509Certificate[] getAcceptedIssuers() { 
          System.out.println("getAcceptedIssuers ============="); 
          return null; 
        } 

        public void checkClientTrusted(X509Certificate[] certs, 
            String authType) { 
          System.out.println("checkClientTrusted ============="); 
        } 

        public void checkServerTrusted(X509Certificate[] certs, 
            String authType) { 
          System.out.println("checkServerTrusted ============="); 
        } 
     } }, new SecureRandom()); 

     SSLSocketFactory sf = new SSLSocketFactory(sslContext); 
     Scheme httpsScheme = new Scheme("https", sf, 443); 
     SchemeRegistry schemeRegistry = new SchemeRegistry(); 
     schemeRegistry.register(httpsScheme); 

     HttpParams params = new BasicHttpParams(); 
     ClientConnectionManager cm = new SingleClientConnManager(params, schemeRegistry); 

     //DefaultHttpClient httpclient = new DefaultHttpClient(); 
     DefaultHttpClient httpclient = new DefaultHttpClient(cm, params); 
+0

獨立於如何將此'SSLContext'傳遞給HTTP客戶端,您做錯了什麼是您使用的信任管理器不檢查服務器證書。這些傳遞信任管理者將通過任何*證書(包括來自潛在的MITM的證書),而不僅僅是您信任的但已過期的證書。 – Bruno 2012-01-12 13:32:22

回答

1

通過對SSLSocketFactory的文件看,似乎沒有成爲一個構造函數:

SSLSocketFactory(javax.net.ssl.SSLContext) 

可用的構造函數爲:

SSLSocketFactory(String algorithm, KeyStore keystore, String keystorePassword, KeyStore truststore, SecureRandom random, HostNameResolver nameResolver) 
SSLSocketFactory(KeyStore keystore, String keystorePassword, KeyStore truststore) 
SSLSocketFactory(KeyStore keystore, String keystorePassword) 
SSLSocketFactory(KeyStore truststore) 

我在這裏失去了一些東西?

javax.net.ssl.SSLContext

0

你沒做錯什麼(也許除了使用一些標準的Java代碼)查看。

看來,Android的執行Apache的SSLSocketFactory類沒有實現原來的Apache SSLSocketFactory

的所有構造函數你只好湊合。