Android WildCard SSL驗證

Question

我需要一些幫助來驗證我的Android應用程序中的WildCard SSL。現在我使用的代碼被驗證，不檢查任何東西：

public void UseHttpsConnection(String url, String charset, String query) { 

    try { 
     final TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { 
      @Override 
      public void checkClientTrusted(final X509Certificate[] chain, final String authType) { 
      } 
      @Override 
      public void checkServerTrusted(final X509Certificate[] chain, final String authType) { 
      } 
      @Override 
      public X509Certificate[] getAcceptedIssuers() { 
       return null; 
      } 
     } }; 

     // Install the all-trusting trust manager 
     final SSLContext sslContext = SSLContext.getInstance("TLS"); 
     sslContext.init(null, trustAllCerts, new java.security.SecureRandom()); 
     // Create an ssl socket factory with our all-trusting manager 
     final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory(); 



     System.setProperty("http.keepAlive", "false"); 
     HttpsURLConnection connection = (HttpsURLConnection) new URL(url) 
       .openConnection(); 
     connection.setSSLSocketFactory(sslSocketFactory); 
     connection.setDoOutput(true); 
     connection.setRequestMethod("POST"); 
     connection.setRequestProperty("Charset", charset); 
     connection.setRequestProperty("Content-Type", 
       "application/x-www-form-urlencoded;charset=" + charset); 
     OutputStream output = null; 
     try { 
      output = connection.getOutputStream(); 
      output.write(query.getBytes(charset)); 
     } catch (IOException e) { 
      e.printStackTrace(); 
     } finally { 
      if (output != null) 
       try { 
        output.close(); 
       } catch (IOException logOrIgnore) { 
        logOrIgnore.printStackTrace(); 
       } 
     } 

     int status = ((HttpsURLConnection) connection).getResponseCode(); 
     Log.i("", "Status : " + status); 

     for (Entry<String, List<String>> header : connection 
       .getHeaderFields().entrySet()) { 
      Log.i("Headers", 
        "Headers : " + header.getKey() + "=" 
          + header.getValue()); 
     } 

     InputStream response = new BufferedInputStream(
       connection.getInputStream()); 

     int bytesRead = -1; 
     byte[] buffer = new byte[30 * 1024]; 
     while ((bytesRead = response.read(buffer)) > 0) { 
      byte[] buffer2 = new byte[bytesRead]; 
      System.arraycopy(buffer, 0, buffer2, 0, bytesRead); 
      handleDataFromSync(buffer2); 
     } 
     connection.disconnect(); 
    } catch (Exception e) { 
     e.printStackTrace(); 
    } 
} 

當我讀了網上我發現有在Android的一個bug與驗證WildCard（例如：*.mydomain.com）證書，我沒有找到任何示例或建議如何做到這一點。我想達到的目標是：通過名稱驗證證書並檢查它是否過期。任何好的建議/例子都會受到歡迎，因爲這是我第一次嘗試使用SSL，但我並不十分熟悉它。

在此先感謝！

Answer 1

foursquare文檔建議遵循可用的答案in this SO question

Answer 2

這段代碼可以幫忙嗎？ https://github.com/mixare/mixare/blob/master/src/org/mixare/MixContext.java

我加入更多的情況下，我真的相信這個代碼部分做你想要達到的目標：

 HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier(){ 
      public boolean verify(String hostname, SSLSession session) { 
       return true; 
      }}); 
    SSLContext context = SSLContext.getInstance("TLS"); 
    context.init(null, new X509TrustManager[]{new X509TrustManager(){ 
     public void checkClientTrusted(X509Certificate[] chain, 
       String authType) throws CertificateException {} 
     public void checkServerTrusted(X509Certificate[] chain, 
       String authType) throws CertificateException {} 
     public X509Certificate[] getAcceptedIssuers() { 
      return new X509Certificate[0]; 
     }}}, new SecureRandom()); 
    HttpsURLConnection.setDefaultSSLSocketFactory(
      context.getSocketFactory()); 

這個代碼在mixare用於接受自簽名證書。