我試圖讓DefaultHttpClient()
與過期的SSL證書一起使用。如何使用Apache客戶端接受過期的ssl證書?
Android API 2.2
因爲這條線的它不會編譯:
SSLSocketFactory的SF =新的SSLSocketFactory(的SSLContext);
錯誤:The constructor SSLSocketFactory(SSLContext)
未定義
我在做什麼錯?
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLSocketFactory;
{...}
SSLContext sslContext = SSLContext.getInstance("SSL");
// set up a TrustManager that trusts everything
sslContext.init(null, new TrustManager[] { new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
System.out.println("getAcceptedIssuers =============");
return null;
}
public void checkClientTrusted(X509Certificate[] certs,
String authType) {
System.out.println("checkClientTrusted =============");
}
public void checkServerTrusted(X509Certificate[] certs,
String authType) {
System.out.println("checkServerTrusted =============");
}
} }, new SecureRandom());
SSLSocketFactory sf = new SSLSocketFactory(sslContext);
Scheme httpsScheme = new Scheme("https", sf, 443);
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(httpsScheme);
HttpParams params = new BasicHttpParams();
ClientConnectionManager cm = new SingleClientConnManager(params, schemeRegistry);
//DefaultHttpClient httpclient = new DefaultHttpClient();
DefaultHttpClient httpclient = new DefaultHttpClient(cm, params);
獨立於如何將此'SSLContext'傳遞給HTTP客戶端,您做錯了什麼是您使用的信任管理器不檢查服務器證書。這些傳遞信任管理者將通過任何*證書(包括來自潛在的MITM的證書),而不僅僅是您信任的但已過期的證書。 – Bruno 2012-01-12 13:32:22