1
我正在檢查建立ssl連接的Android代碼。函數createSSLSocketFactory是個問題。它加載密鑰庫。我不知道ssl連接用於信任服務器證書或發送客戶端證書。檢查Android套接字連接使用的SSL證書
請幫我檢查並給我一些解釋。
下面的代碼:
private DefaultHttpClient createHttpClient() {
DefaultHttpClient ret = new DefaultHttpClient(){
/* (non-Javadoc)
* @see org.apache.http.impl.client.DefaultHttpClient#createClientConnectionManager()
*/
@Override
protected ClientConnectionManager createClientConnectionManager() {
SchemeRegistry registry = new SchemeRegistry();
try {
URI uri;
uri = new URI(getURI());
if (Http.SCHEME_HTTP.equals(uri.getScheme())) {
registry.register(new Scheme(Http.SCHEME_HTTP, PlainSocketFactory.getSocketFactory(), 80));
} else if (Http.SCHEME_HTTPS.equals(uri.getScheme())) {
registry.register(new Scheme(Http.SCHEME_HTTPS, createSSLSocketFactory(), 443));
}
} catch (URISyntaxException e) {
LogUtils.e(e.getMessage(), e);
}
return new SingleClientConnManager(getParams(), registry);
}
private SSLSocketFactory createSSLSocketFactory() {
final Resources resources = mContext.getResources();
final InputStream in = resources.openRawResource(R.raw.ippaps);
ApplicationManeger apm = ApplicationManeger.getInstance();
final char[] passwdchars = apm.getProperty(
PropertiesConstants.SSL_PASSWORD).toCharArray();
SSLSocketFactory socketFactory = null;
try {
KeyStore keyStore = KeyStore.getInstance("BKS");
try {
keyStore.load(in, passwdchars);
} finally {
in.close();
}
socketFactory = new SSLSocketFactory(keyStore);
socketFactory.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);
} catch (Exception e) {
LogUtils.d(e.getMessage(), e);
}
return socketFactory;
}
};
return ret;
}
謝謝!