├── app
├── .gitignore
├── src
│ ├── main
│ │ ├── assets
│ │ │ ├── ca.p12
│ │ │ ├── client.bks
│ │ │ ├── client.p12
│ │ │ └── client.cer
│ │ ├── res
│ │ │ ├── values
│ │ │ │ ├── strings.xml
│ │ │ │ ├── colors.xml
│ │ │ │ └── styles.xml
│ │ │ ├── mipmap-hdpi
│ │ │ │ ├── ic_launcher.png
│ │ │ │ └── ic_launcher_round.png
│ │ │ ├── mipmap-mdpi
│ │ │ │ ├── ic_launcher.png
│ │ │ │ └── ic_launcher_round.png
│ │ │ ├── mipmap-xhdpi
│ │ │ │ ├── ic_launcher.png
│ │ │ │ └── ic_launcher_round.png
│ │ │ ├── mipmap-xxhdpi
│ │ │ │ ├── ic_launcher.png
│ │ │ │ └── ic_launcher_round.png
│ │ │ ├── mipmap-xxxhdpi
│ │ │ │ ├── ic_launcher.png
│ │ │ │ └── ic_launcher_round.png
│ │ │ └── layout
│ │ │ │ └── activity_main.xml
│ │ ├── java
│ │ │ └── com
│ │ │ │ └── tgdz
│ │ │ │ └── my
│ │ │ │ └── testhttps
│ │ │ │ ├── MyApplication.java
│ │ │ │ ├── TrustAllCerts.java
│ │ │ │ ├── getSSLSocketFactory.java
│ │ │ │ ├── MySSLSocketFactory.java
│ │ │ │ ├── MainActivity.java
│ │ │ │ └── SslWebViewClient.java
│ │ └── AndroidManifest.xml
│ ├── test
│ │ └── java
│ │ │ └── com
│ │ │ └── tgdz
│ │ │ └── my
│ │ │ └── testhttps
│ │ │ └── ExampleUnitTest.java
│ └── androidTest
│ │ └── java
│ │ └── com
│ │ └── tgdz
│ │ └── my
│ │ └── testhttps
│ │ └── ExampleInstrumentedTest.java
├── proguard-rules.pro
└── build.gradle
├── settings.gradle
├── .idea
├── copyright
│ └── profiles_settings.xml
├── encodings.xml
├── file.template.settings.xml
├── modules.xml
├── runConfigurations.xml
├── gradle.xml
├── compiler.xml
└── misc.xml
├── gradle
└── wrapper
│ ├── gradle-wrapper.jar
│ └── gradle-wrapper.properties
├── .gitignore
├── README.md
├── gradle.properties
├── gradlew.bat
└── gradlew
/app/.gitignore:
--------------------------------------------------------------------------------
1 | /build
2 |
--------------------------------------------------------------------------------
/settings.gradle:
--------------------------------------------------------------------------------
1 | include ':app'
2 |
--------------------------------------------------------------------------------
/app/src/main/assets/ca.p12:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cq-tyl/android_https/HEAD/app/src/main/assets/ca.p12
--------------------------------------------------------------------------------
/app/src/main/assets/client.bks:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cq-tyl/android_https/HEAD/app/src/main/assets/client.bks
--------------------------------------------------------------------------------
/app/src/main/assets/client.p12:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cq-tyl/android_https/HEAD/app/src/main/assets/client.p12
--------------------------------------------------------------------------------
/.idea/copyright/profiles_settings.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
--------------------------------------------------------------------------------
/app/src/main/res/values/strings.xml:
--------------------------------------------------------------------------------
1 |
2 | TestHttps
3 |
4 |
--------------------------------------------------------------------------------
/gradle/wrapper/gradle-wrapper.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cq-tyl/android_https/HEAD/gradle/wrapper/gradle-wrapper.jar
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-hdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cq-tyl/android_https/HEAD/app/src/main/res/mipmap-hdpi/ic_launcher.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-mdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cq-tyl/android_https/HEAD/app/src/main/res/mipmap-mdpi/ic_launcher.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xhdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cq-tyl/android_https/HEAD/app/src/main/res/mipmap-xhdpi/ic_launcher.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxhdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cq-tyl/android_https/HEAD/app/src/main/res/mipmap-xxhdpi/ic_launcher.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cq-tyl/android_https/HEAD/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-hdpi/ic_launcher_round.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cq-tyl/android_https/HEAD/app/src/main/res/mipmap-hdpi/ic_launcher_round.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-mdpi/ic_launcher_round.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cq-tyl/android_https/HEAD/app/src/main/res/mipmap-mdpi/ic_launcher_round.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xhdpi/ic_launcher_round.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cq-tyl/android_https/HEAD/app/src/main/res/mipmap-xhdpi/ic_launcher_round.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cq-tyl/android_https/HEAD/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/cq-tyl/android_https/HEAD/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.png
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | *.iml
2 | .gradle
3 | /local.properties
4 | /.idea/workspace.xml
5 | /.idea/libraries
6 | .DS_Store
7 | /build
8 | /captures
9 | .externalNativeBuild
10 |
--------------------------------------------------------------------------------
/.idea/encodings.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
--------------------------------------------------------------------------------
/app/src/main/java/com/tgdz/my/testhttps/MyApplication.java:
--------------------------------------------------------------------------------
1 | package com.tgdz.my.testhttps;
2 |
3 | import android.app.Application;
4 |
5 | /**
6 | * Created by admin on 2017-5-5.
7 | */
8 |
9 | public class MyApplication extends Application {
10 | }
11 |
--------------------------------------------------------------------------------
/app/src/main/res/values/colors.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 | #3F51B5
4 | #303F9F
5 | #FF4081
6 |
7 |
--------------------------------------------------------------------------------
/gradle/wrapper/gradle-wrapper.properties:
--------------------------------------------------------------------------------
1 | #Fri May 05 08:35:54 CST 2017
2 | distributionBase=GRADLE_USER_HOME
3 | distributionPath=wrapper/dists
4 | zipStoreBase=GRADLE_USER_HOME
5 | zipStorePath=wrapper/dists
6 | distributionUrl=https\://services.gradle.org/distributions/gradle-2.14.1-all.zip
7 |
--------------------------------------------------------------------------------
/.idea/file.template.settings.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
--------------------------------------------------------------------------------
/.idea/modules.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
--------------------------------------------------------------------------------
/app/src/main/res/values/styles.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/app/src/test/java/com/tgdz/my/testhttps/ExampleUnitTest.java:
--------------------------------------------------------------------------------
1 | package com.tgdz.my.testhttps;
2 |
3 | import org.junit.Test;
4 |
5 | import static org.junit.Assert.*;
6 |
7 | /**
8 | * Example local unit test, which will execute on the development machine (host).
9 | *
10 | * @see Testing documentation
11 | */
12 | public class ExampleUnitTest {
13 | @Test
14 | public void addition_isCorrect() throws Exception {
15 | assertEquals(4, 2 + 2);
16 | }
17 | }
--------------------------------------------------------------------------------
/.idea/runConfigurations.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
11 |
12 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 |
2 | 1.各类知识点整理:
3 | - android https双向验证 前言及总结:https://www.jianshu.com/p/07ce321d80ab
4 | - 单双向验证基础知识点: https://www.jianshu.com/p/ea5f4b1d9c00
5 | - phpstudy搭建本地服务器: https://www.jianshu.com/p/bbf853fc28f3
6 | - 浏览器获取证书文件(p12转cer):https://www.jianshu.com/p/7f74acab6c74
7 | - https双向认证证书生成:https://www.jianshu.com/p/094c7fc8cb85
8 | - android okhttps双向验证(代码实现):https://www.jianshu.com/p/6229d10d3550
9 | - android webView的双向验证:https://www.jianshu.com/p/e98119d04fd9
10 | - 配置完成后的测试:https://www.jianshu.com/p/cfcf708a591a
11 | 2. 工具类:
12 | - P12证书转BKS证书:https://www.jianshu.com/p/2a96c36b27fe
13 | - 服务器网址检测(兼容性及协议检测):https://www.ssllabs.com/index.html
14 |
--------------------------------------------------------------------------------
/.idea/gradle.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
17 |
18 |
--------------------------------------------------------------------------------
/.idea/compiler.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
--------------------------------------------------------------------------------
/gradle.properties:
--------------------------------------------------------------------------------
1 | # Project-wide Gradle settings.
2 |
3 | # IDE (e.g. Android Studio) users:
4 | # Gradle settings configured through the IDE *will override*
5 | # any settings specified in this file.
6 |
7 | # For more details on how to configure your build environment visit
8 | # http://www.gradle.org/docs/current/userguide/build_environment.html
9 |
10 | # Specifies the JVM arguments used for the daemon process.
11 | # The setting is particularly useful for tweaking memory settings.
12 | org.gradle.jvmargs=-Xmx1536m
13 |
14 | # When configured, Gradle will run in incubating parallel mode.
15 | # This option should only be used with decoupled projects. More details, visit
16 | # http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects
17 | # org.gradle.parallel=true
18 |
--------------------------------------------------------------------------------
/app/src/main/res/layout/activity_main.xml:
--------------------------------------------------------------------------------
1 |
2 |
8 |
12 |
13 |
14 |
15 |
20 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/app/src/main/assets/client.cer:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE-----
2 | MIICHjCCAYcCCQCmhL+tdlqidjANBgkqhkiG9w0BAQsFADBPMQswCQYDVQQGEwJj
3 | bjELMAkGA1UECBMCY3ExCzAJBgNVBAcTAmNxMQswCQYDVQQKEwJnczELMAkGA1UE
4 | CxMCZ3MxDDAKBgNVBAMTA3R5bDAeFw0xODA4MDEwMzI5NDRaFw0yODA3MjkwMzI5
5 | NDRaMFgxCzAJBgNVBAYTAmNuMQswCQYDVQQIEwJjcTELMAkGA1UEBxMCY3ExCzAJ
6 | BgNVBAoTAmdzMQswCQYDVQQLEwJnczEVMBMGA1UEAxMMY2xlbnQgY29tbW9uMIGf
7 | MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCa86HMRkms9DCURDUtB8kQD0Y7QHjv
8 | NdCPlzohit4+S/4mONkkf25usw+KWk9H5o2lzxtUDCQPQp5IRF6Ydj8IDs0EXE6P
9 | 869xFpv5WMZIUUDlBDt84Lb6fmflI7Cvhexz+BSIijerman7kTdi5cjzZi80E/9r
10 | 8U5BWbuJL3E0wwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAHU+ghOkl4CWGQdSmtxj
11 | q+5Wc0mFBGLe2T7hLnVaRYGbC4rO36tQ+T6GfkNTrtqYbIy8wMOYKPgqmkLEjqPu
12 | N87ilSuwEVfEyryKSoR1qgTM8wi1dVqcii4Oaa9tzcQL+uw7w4UHpFBbYz1/GnU+
13 | zzlGaPgTW6mNB3VhmCmG9/Ev
14 | -----END CERTIFICATE-----
15 |
--------------------------------------------------------------------------------
/app/src/androidTest/java/com/tgdz/my/testhttps/ExampleInstrumentedTest.java:
--------------------------------------------------------------------------------
1 | package com.tgdz.my.testhttps;
2 |
3 | import android.content.Context;
4 | import android.support.test.InstrumentationRegistry;
5 | import android.support.test.runner.AndroidJUnit4;
6 |
7 | import org.junit.Test;
8 | import org.junit.runner.RunWith;
9 |
10 | import static org.junit.Assert.*;
11 |
12 | /**
13 | * Instrumentation test, which will execute on an Android device.
14 | *
15 | * @see Testing documentation
16 | */
17 | @RunWith(AndroidJUnit4.class)
18 | public class ExampleInstrumentedTest {
19 | @Test
20 | public void useAppContext() throws Exception {
21 | // Context of the app under test.
22 | Context appContext = InstrumentationRegistry.getTargetContext();
23 |
24 | assertEquals("com.tgdz.my.testhttps", appContext.getPackageName());
25 | }
26 | }
27 |
--------------------------------------------------------------------------------
/app/src/main/java/com/tgdz/my/testhttps/TrustAllCerts.java:
--------------------------------------------------------------------------------
1 | package com.tgdz.my.testhttps;
2 |
3 | import android.util.Log;
4 |
5 | import java.security.cert.X509Certificate;
6 |
7 | import javax.net.ssl.X509TrustManager;
8 |
9 | /**
10 | * Created by tyl
11 | * 2018/7/12/012
12 | * Describe:
13 | */
14 |
15 |
16 | public class TrustAllCerts implements X509TrustManager {
17 | // 默认的下面3个接口都会抛出一个异常,这里直接去掉异常,就是客户端忽略验证服务器端的验证信息直接通过
18 | @Override
19 | public void checkClientTrusted(
20 | X509Certificate[] chain, String authType) {
21 | Log.e("tyl","checkClientTrusted");
22 | }
23 |
24 | @Override
25 | public void checkServerTrusted(X509Certificate[] chain, String authType) {
26 | Log.e("tyl","checkServerTrusted");
27 | }
28 |
29 | @Override
30 | public X509Certificate[] getAcceptedIssuers() {
31 | Log.e("tyl","getAcceptedIssuers");
32 | return new X509Certificate[]{};}
33 | }
--------------------------------------------------------------------------------
/app/src/main/AndroidManifest.xml:
--------------------------------------------------------------------------------
1 |
2 |
4 |
5 |
6 |
7 |
8 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
--------------------------------------------------------------------------------
/app/proguard-rules.pro:
--------------------------------------------------------------------------------
1 | # Add project specific ProGuard rules here.
2 | # By default, the flags in this file are appended to flags specified
3 | # in C:\Users\admin\AppData\Local\Android\Sdk/tools/proguard/proguard-android.txt
4 | # You can edit the include path and order by changing the proguardFiles
5 | # directive in build.gradle.
6 | #
7 | # For more details, see
8 | # http://developer.android.com/guide/developing/tools/proguard.html
9 |
10 | # Add any project specific keep options here:
11 |
12 | # If your project uses WebView with JS, uncomment the following
13 | # and specify the fully qualified class name to the JavaScript interface
14 | # class:
15 | #-keepclassmembers class fqcn.of.javascript.interface.for.webview {
16 | # public *;
17 | #}
18 |
19 | # Uncomment this to preserve the line number information for
20 | # debugging stack traces.
21 | #-keepattributes SourceFile,LineNumberTable
22 |
23 | # If you keep the line number information, uncomment this to
24 | # hide the original source file name.
25 | #-renamesourcefileattribute SourceFile
26 |
--------------------------------------------------------------------------------
/app/build.gradle:
--------------------------------------------------------------------------------
1 | apply plugin: 'com.android.application'
2 |
3 | android {
4 | compileSdkVersion 25
5 | buildToolsVersion "27.0.1"
6 | defaultConfig {
7 | applicationId "com.tgdz.my.testhttps"
8 | minSdkVersion 15
9 | targetSdkVersion 25
10 | versionCode 1
11 | versionName "1.0"
12 | testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner"
13 | }
14 | buildTypes {
15 | release {
16 | minifyEnabled false
17 | proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
18 | }
19 | }
20 | }
21 |
22 | dependencies {
23 | compile fileTree(dir: 'libs', include: ['*.jar'])
24 | androidTestCompile('com.android.support.test.espresso:espresso-core:2.2.2', {
25 | exclude group: 'com.android.support', module: 'support-annotations'
26 | })
27 | compile 'com.android.support:appcompat-v7:25.3.1'
28 | compile 'com.android.support.constraint:constraint-layout:1.0.2'
29 | testCompile 'junit:junit:4.12'
30 | compile 'com.zhy:okhttputils:2.6.2'
31 | compile 'com.github.franmontiel:PersistentCookieJar:v0.9.3'
32 |
33 |
34 |
35 | }
36 |
--------------------------------------------------------------------------------
/app/src/main/java/com/tgdz/my/testhttps/getSSLSocketFactory.java:
--------------------------------------------------------------------------------
1 | package com.tgdz.my.testhttps;
2 |
3 | import android.content.Context;
4 |
5 |
6 |
7 | import java.io.IOException;
8 | import java.io.InputStream;
9 | import java.security.KeyManagementException;
10 | import java.security.KeyStore;
11 | import java.security.KeyStoreException;
12 | import java.security.NoSuchAlgorithmException;
13 | import java.security.SecureRandom;
14 | import java.security.cert.CertificateException;
15 | import java.security.cert.CertificateFactory;
16 |
17 | import javax.net.ssl.SSLContext;
18 | import javax.net.ssl.SSLSocketFactory;
19 | import javax.net.ssl.TrustManager;
20 | import javax.net.ssl.TrustManagerFactory;
21 |
22 | /**
23 | * Created by tyl
24 | * 2018/7/12/012
25 | * Describe:
26 | */
27 |
28 | public class getSSLSocketFactory {
29 | public static SSLSocketFactory getSSLSocketFactory(Context context, InputStream inputStream) {
30 | if (context == null) {
31 | throw new NullPointerException("context == null");
32 | }
33 | CertificateFactory certificateFactory = null;
34 | // SSLContext 安全套接字协议实现,它充当安全套接字工厂或SSLEngines的工厂
35 | SSLContext sslContext = null;
36 | try {
37 | try {
38 | // 用于解析和管理证书、证书撤消列表 (CRL) 和证书路径的类和接口。
39 | certificateFactory = CertificateFactory.getInstance("X.509");
40 | } catch (CertificateException e) {
41 | e.printStackTrace();
42 | }
43 |
44 | // KeyStore加密密钥和证书的存储工具。
45 | KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
46 | keyStore.load(null, null);
47 |
48 |
49 | keyStore.setCertificateEntry("ca", certificateFactory.generateCertificate(inputStream));
50 | if (inputStream != null) {
51 | inputStream.close();
52 | }
53 |
54 | sslContext = SSLContext.getInstance("TLS");
55 |
56 | // sslContext.init(null, new TrustManager[]{new TrustAllCerts()}, new SecureRandom());
57 |
58 |
59 | TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
60 |
61 | trustManagerFactory.init(keyStore);
62 |
63 | sslContext.init(null, trustManagerFactory.getTrustManagers(), null);
64 |
65 |
66 | } catch (IOException | CertificateException | NoSuchAlgorithmException | KeyStoreException | KeyManagementException e) {
67 | e.printStackTrace();
68 | }
69 |
70 | return sslContext.getSocketFactory();
71 | }
72 | }
73 |
--------------------------------------------------------------------------------
/gradlew.bat:
--------------------------------------------------------------------------------
1 | @if "%DEBUG%" == "" @echo off
2 | @rem ##########################################################################
3 | @rem
4 | @rem Gradle startup script for Windows
5 | @rem
6 | @rem ##########################################################################
7 |
8 | @rem Set local scope for the variables with windows NT shell
9 | if "%OS%"=="Windows_NT" setlocal
10 |
11 | @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
12 | set DEFAULT_JVM_OPTS=
13 |
14 | set DIRNAME=%~dp0
15 | if "%DIRNAME%" == "" set DIRNAME=.
16 | set APP_BASE_NAME=%~n0
17 | set APP_HOME=%DIRNAME%
18 |
19 | @rem Find java.exe
20 | if defined JAVA_HOME goto findJavaFromJavaHome
21 |
22 | set JAVA_EXE=java.exe
23 | %JAVA_EXE% -version >NUL 2>&1
24 | if "%ERRORLEVEL%" == "0" goto init
25 |
26 | echo.
27 | echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
28 | echo.
29 | echo Please set the JAVA_HOME variable in your environment to match the
30 | echo location of your Java installation.
31 |
32 | goto fail
33 |
34 | :findJavaFromJavaHome
35 | set JAVA_HOME=%JAVA_HOME:"=%
36 | set JAVA_EXE=%JAVA_HOME%/bin/java.exe
37 |
38 | if exist "%JAVA_EXE%" goto init
39 |
40 | echo.
41 | echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
42 | echo.
43 | echo Please set the JAVA_HOME variable in your environment to match the
44 | echo location of your Java installation.
45 |
46 | goto fail
47 |
48 | :init
49 | @rem Get command-line arguments, handling Windowz variants
50 |
51 | if not "%OS%" == "Windows_NT" goto win9xME_args
52 | if "%@eval[2+2]" == "4" goto 4NT_args
53 |
54 | :win9xME_args
55 | @rem Slurp the command line arguments.
56 | set CMD_LINE_ARGS=
57 | set _SKIP=2
58 |
59 | :win9xME_args_slurp
60 | if "x%~1" == "x" goto execute
61 |
62 | set CMD_LINE_ARGS=%*
63 | goto execute
64 |
65 | :4NT_args
66 | @rem Get arguments from the 4NT Shell from JP Software
67 | set CMD_LINE_ARGS=%$
68 |
69 | :execute
70 | @rem Setup the command line
71 |
72 | set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
73 |
74 | @rem Execute Gradle
75 | "%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
76 |
77 | :end
78 | @rem End local scope for the variables with windows NT shell
79 | if "%ERRORLEVEL%"=="0" goto mainEnd
80 |
81 | :fail
82 | rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
83 | rem the _cmd.exe /c_ return code!
84 | if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
85 | exit /b 1
86 |
87 | :mainEnd
88 | if "%OS%"=="Windows_NT" endlocal
89 |
90 | :omega
91 |
--------------------------------------------------------------------------------
/.idea/misc.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
19 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 | 1.8
51 |
52 |
57 |
58 |
59 |
60 |
61 |
62 |
--------------------------------------------------------------------------------
/app/src/main/java/com/tgdz/my/testhttps/MySSLSocketFactory.java:
--------------------------------------------------------------------------------
1 | package com.tgdz.my.testhttps;
2 |
3 | import android.content.Context;
4 | import android.util.Log;
5 |
6 | import java.io.IOException;
7 | import java.io.InputStream;
8 | import java.security.KeyStore;
9 | import java.security.SecureRandom;
10 | import java.security.cert.CertificateException;
11 | import java.security.cert.X509Certificate;
12 |
13 | import javax.net.ssl.KeyManagerFactory;
14 | import javax.net.ssl.SSLContext;
15 | import javax.net.ssl.SSLSocketFactory;
16 | import javax.net.ssl.TrustManager;
17 | import javax.net.ssl.TrustManagerFactory;
18 | import javax.net.ssl.X509TrustManager;
19 |
20 | /**
21 | * Created by tyl
22 | * 2018/7/9/009
23 | * Describe:
24 | */
25 |
26 | public class MySSLSocketFactory {
27 | private static final String KEY_STORE_TYPE_BKS = "bks";//证书类型
28 | private static final String KEY_STORE_TYPE_P12 = "PKCS12";//证书类型
29 | private static final String KEY_STORE_PASSWORD = "123456";//证书密码(应该是客户端证书密码,没有密码的直接改为空字符串)
30 | private static final String KEY_STORE_TRUST_PASSWORD = "123456";//授信证书密码(应该是服务端证书密码)
31 | private static InputStream trust_input;
32 | private static InputStream client_input;
33 |
34 | public static SSLSocketFactory getSocketFactory(Context context) {
35 | // 可以使用bks和client.cer来验证 去掉注释的代码,client.p12替换ca.p12即可,也可以直接通过p12我测试的时候也是通过的
36 | try {
37 | //服务器授信证书
38 | // trust_input = context.getResources().getAssets().open("client.bks");
39 | //客户端证书
40 | client_input = context.getResources().getAssets().open("client.p12");
41 | SSLContext sslContext = SSLContext.getInstance("TLS");
42 | // KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
43 | // trustStore.load(trust_input, KEY_STORE_TRUST_PASSWORD.toCharArray());
44 | // KeyStore存放证书及密匙的仓库
45 | KeyStore keyStore = KeyStore.getInstance(KEY_STORE_TYPE_P12);
46 | keyStore.load(client_input, KEY_STORE_PASSWORD.toCharArray());
47 | // KeyManagerFactory证书管理类
48 | KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
49 | keyManagerFactory.init(keyStore, KEY_STORE_PASSWORD.toCharArray());
50 | // 核心代码 SSLContext此类的实例表示安全套接字协议的实现, 它是SSLSocketFactory、SSLServerSocketFactory和SSLEngine的工厂。
51 | // 这里注意有一个坑,之前我写的时候参考的网上文档大部分都是使用的是TrustManager系统默认的证书管理器但是自建证书需要使用X509TrustManager来实现
52 | sslContext.init(keyManagerFactory.getKeyManagers(),new TrustManager[]{new TrustAllCerts()}, new SecureRandom());
53 |
54 | SSLSocketFactory factory = sslContext.getSocketFactory();
55 |
56 | return factory;
57 |
58 | } catch (Exception e) {
59 | e.printStackTrace();
60 | Log.e("tyl","Exception="+e.getMessage());
61 | return null;
62 | } finally {
63 | try {
64 | // trust_input.close();
65 | client_input.close();
66 | } catch (IOException e) {
67 | e.printStackTrace();
68 | Log.e("tyl","Exception="+e.getMessage());
69 | }
70 | }
71 | }
72 | };
--------------------------------------------------------------------------------
/app/src/main/java/com/tgdz/my/testhttps/MainActivity.java:
--------------------------------------------------------------------------------
1 | package com.tgdz.my.testhttps;
2 |
3 | import android.support.v7.app.AppCompatActivity;
4 | import android.os.Bundle;
5 | import android.util.Log;
6 | import android.webkit.WebView;
7 | import android.webkit.WebViewClient;
8 | import android.widget.TextView;
9 |
10 | import com.zhy.http.okhttp.OkHttpUtils;
11 | import com.zhy.http.okhttp.https.HttpsUtils;
12 |
13 | import java.io.BufferedReader;
14 | import java.io.IOException;
15 | import java.io.InputStream;
16 | import java.io.InputStreamReader;
17 | import java.net.HttpURLConnection;
18 | import java.net.URL;
19 | import java.security.GeneralSecurityException;
20 | import java.security.KeyStore;
21 | import java.security.cert.Certificate;
22 | import java.security.cert.CertificateException;
23 | import java.security.cert.CertificateFactory;
24 | import java.security.cert.X509Certificate;
25 | import java.util.Collections;
26 | import java.util.concurrent.TimeUnit;
27 |
28 | import javax.net.ssl.HostnameVerifier;
29 | import javax.net.ssl.HttpsURLConnection;
30 | import javax.net.ssl.SSLContext;
31 | import javax.net.ssl.SSLSession;
32 | import javax.net.ssl.SSLSocketFactory;
33 | import javax.net.ssl.TrustManagerFactory;
34 | import javax.net.ssl.X509TrustManager;
35 |
36 | import okhttp3.Call;
37 | import okhttp3.Callback;
38 | import okhttp3.CipherSuite;
39 | import okhttp3.ConnectionSpec;
40 | import okhttp3.OkHttpClient;
41 | import okhttp3.Request;
42 | import okhttp3.Response;
43 | import okhttp3.TlsVersion;
44 |
45 | public class MainActivity extends AppCompatActivity {
46 | String url = "https://admin.96166dache.cn/xxx";
47 | // String url = "https://www.test.com";
48 | private TextView my_text;
49 | private WebView my_webview;
50 | @Override
51 | protected void onCreate(Bundle savedInstanceState) {
52 | super.onCreate(savedInstanceState);
53 | setContentView(R.layout.activity_main);
54 | my_text= (TextView) findViewById(R.id.my_text);
55 | // my_webview= (WebView) findViewById(R.id.my_webview);
56 | // my_webview.setWebViewClient(new SslWebViewClient(this));
57 | // my_webview.loadUrl(url); //调用loadUrl方法为WebView加入链接
58 | getHttps();
59 | }
60 | public void getHttps() {
61 | try {
62 | OkHttpClient mOkHttpClient = null;
63 | mOkHttpClient = new OkHttpClient().newBuilder()
64 | // 主要就是下面2句,其他的和正常请求都一样的
65 | .hostnameVerifier(new Home())//忽略服务器域名不信任警告
66 | .sslSocketFactory(MySSLSocketFactory.getSocketFactory(MainActivity.this))//加入证书
67 | .build();
68 | Request request = new Request.Builder()
69 | .url(url)
70 | .build();
71 | Call call = mOkHttpClient.newCall(request);
72 | call.enqueue(new Callback() {
73 | @Override
74 | public void onFailure(Call call, final IOException e) {
75 | Log.e("tyl", "onFailure=" + e.getMessage());
76 | }
77 | @Override
78 | public void onResponse(Call call, final Response response) throws IOException {
79 | Log.e("tyl", "onResponse=" + response.body().string());
80 | }
81 | });
82 | } catch (Exception e) {
83 | Log.e("tyl", "IOException=" + e);
84 | e.printStackTrace();
85 | }
86 | }
87 |
88 | public class Home implements HostnameVerifier {
89 | public SSLSession sslSession;
90 |
91 | @Override
92 | public boolean verify(String hostname, SSLSession session) {
93 | this.sslSession = session;
94 | return true;
95 | }
96 | }
97 | // private static ConnectionSpec getConnectionSpec() {
98 | // ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).tlsVersions(TlsVersion.TLS_1_0).cipherSuites(CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256, CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256, CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA, CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA).build();
99 | // return spec;
100 | // }
101 | }
102 |
--------------------------------------------------------------------------------
/gradlew:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | ##############################################################################
4 | ##
5 | ## Gradle start up script for UN*X
6 | ##
7 | ##############################################################################
8 |
9 | # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
10 | DEFAULT_JVM_OPTS=""
11 |
12 | APP_NAME="Gradle"
13 | APP_BASE_NAME=`basename "$0"`
14 |
15 | # Use the maximum available, or set MAX_FD != -1 to use that value.
16 | MAX_FD="maximum"
17 |
18 | warn ( ) {
19 | echo "$*"
20 | }
21 |
22 | die ( ) {
23 | echo
24 | echo "$*"
25 | echo
26 | exit 1
27 | }
28 |
29 | # OS specific support (must be 'true' or 'false').
30 | cygwin=false
31 | msys=false
32 | darwin=false
33 | case "`uname`" in
34 | CYGWIN* )
35 | cygwin=true
36 | ;;
37 | Darwin* )
38 | darwin=true
39 | ;;
40 | MINGW* )
41 | msys=true
42 | ;;
43 | esac
44 |
45 | # Attempt to set APP_HOME
46 | # Resolve links: $0 may be a link
47 | PRG="$0"
48 | # Need this for relative symlinks.
49 | while [ -h "$PRG" ] ; do
50 | ls=`ls -ld "$PRG"`
51 | link=`expr "$ls" : '.*-> \(.*\)$'`
52 | if expr "$link" : '/.*' > /dev/null; then
53 | PRG="$link"
54 | else
55 | PRG=`dirname "$PRG"`"/$link"
56 | fi
57 | done
58 | SAVED="`pwd`"
59 | cd "`dirname \"$PRG\"`/" >/dev/null
60 | APP_HOME="`pwd -P`"
61 | cd "$SAVED" >/dev/null
62 |
63 | CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
64 |
65 | # Determine the Java command to use to start the JVM.
66 | if [ -n "$JAVA_HOME" ] ; then
67 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
68 | # IBM's JDK on AIX uses strange locations for the executables
69 | JAVACMD="$JAVA_HOME/jre/sh/java"
70 | else
71 | JAVACMD="$JAVA_HOME/bin/java"
72 | fi
73 | if [ ! -x "$JAVACMD" ] ; then
74 | die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
75 |
76 | Please set the JAVA_HOME variable in your environment to match the
77 | location of your Java installation."
78 | fi
79 | else
80 | JAVACMD="java"
81 | which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
82 |
83 | Please set the JAVA_HOME variable in your environment to match the
84 | location of your Java installation."
85 | fi
86 |
87 | # Increase the maximum file descriptors if we can.
88 | if [ "$cygwin" = "false" -a "$darwin" = "false" ] ; then
89 | MAX_FD_LIMIT=`ulimit -H -n`
90 | if [ $? -eq 0 ] ; then
91 | if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
92 | MAX_FD="$MAX_FD_LIMIT"
93 | fi
94 | ulimit -n $MAX_FD
95 | if [ $? -ne 0 ] ; then
96 | warn "Could not set maximum file descriptor limit: $MAX_FD"
97 | fi
98 | else
99 | warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
100 | fi
101 | fi
102 |
103 | # For Darwin, add options to specify how the application appears in the dock
104 | if $darwin; then
105 | GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
106 | fi
107 |
108 | # For Cygwin, switch paths to Windows format before running java
109 | if $cygwin ; then
110 | APP_HOME=`cygpath --path --mixed "$APP_HOME"`
111 | CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
112 | JAVACMD=`cygpath --unix "$JAVACMD"`
113 |
114 | # We build the pattern for arguments to be converted via cygpath
115 | ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
116 | SEP=""
117 | for dir in $ROOTDIRSRAW ; do
118 | ROOTDIRS="$ROOTDIRS$SEP$dir"
119 | SEP="|"
120 | done
121 | OURCYGPATTERN="(^($ROOTDIRS))"
122 | # Add a user-defined pattern to the cygpath arguments
123 | if [ "$GRADLE_CYGPATTERN" != "" ] ; then
124 | OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
125 | fi
126 | # Now convert the arguments - kludge to limit ourselves to /bin/sh
127 | i=0
128 | for arg in "$@" ; do
129 | CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
130 | CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option
131 |
132 | if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition
133 | eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
134 | else
135 | eval `echo args$i`="\"$arg\""
136 | fi
137 | i=$((i+1))
138 | done
139 | case $i in
140 | (0) set -- ;;
141 | (1) set -- "$args0" ;;
142 | (2) set -- "$args0" "$args1" ;;
143 | (3) set -- "$args0" "$args1" "$args2" ;;
144 | (4) set -- "$args0" "$args1" "$args2" "$args3" ;;
145 | (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
146 | (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
147 | (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
148 | (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
149 | (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
150 | esac
151 | fi
152 |
153 | # Split up the JVM_OPTS And GRADLE_OPTS values into an array, following the shell quoting and substitution rules
154 | function splitJvmOpts() {
155 | JVM_OPTS=("$@")
156 | }
157 | eval splitJvmOpts $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS
158 | JVM_OPTS[${#JVM_OPTS[*]}]="-Dorg.gradle.appname=$APP_BASE_NAME"
159 |
160 | exec "$JAVACMD" "${JVM_OPTS[@]}" -classpath "$CLASSPATH" org.gradle.wrapper.GradleWrapperMain "$@"
161 |
--------------------------------------------------------------------------------
/app/src/main/java/com/tgdz/my/testhttps/SslWebViewClient.java:
--------------------------------------------------------------------------------
1 | package com.tgdz.my.testhttps;
2 | import android.annotation.TargetApi;
3 | import android.content.Context;
4 | import android.net.Uri;
5 | import android.os.Build;
6 | import android.util.Log;
7 | import android.webkit.WebResourceRequest;
8 | import android.webkit.WebResourceResponse;
9 | import android.webkit.WebView;
10 | import android.webkit.WebViewClient;
11 |
12 | import java.io.IOException;
13 | import java.io.InputStream;
14 | import java.net.MalformedURLException;
15 | import java.net.URL;
16 | import java.security.KeyManagementException;
17 | import java.security.KeyStore;
18 | import java.security.KeyStoreException;
19 | import java.security.NoSuchAlgorithmException;
20 | import java.security.SecureRandom;
21 | import java.security.UnrecoverableKeyException;
22 | import java.security.cert.CertificateException;
23 | import java.security.cert.CertificateFactory;
24 | import java.security.cert.X509Certificate;
25 |
26 | import javax.net.ssl.HostnameVerifier;
27 | import javax.net.ssl.HttpsURLConnection;
28 | import javax.net.ssl.KeyManager;
29 | import javax.net.ssl.KeyManagerFactory;
30 | import javax.net.ssl.SSLContext;
31 | import javax.net.ssl.SSLSession;
32 | import javax.net.ssl.SSLSocketFactory;
33 | import javax.net.ssl.TrustManager;
34 | import javax.net.ssl.TrustManagerFactory;
35 | import javax.net.ssl.X509TrustManager;
36 |
37 | public class SslWebViewClient extends WebViewClient {
38 |
39 | private SSLContext sslContext;
40 | private static final String KEY_STORE_TYPE_BKS = "bks";//证书类型
41 | private static final String KEY_STORE_TYPE_P12 = "PKCS12";//证书类型
42 | private static final String KEY_STORE_PASSWORD = "";//证书密码(应该是客户端证书密码)
43 | private static final String KEY_STORE_TRUST_PASSWORD = "123456";//授信证书密码(应该是服务端证书密码)
44 | private static InputStream trust_input;
45 | private static InputStream client_input;
46 |
47 | public SslWebViewClient(Context context) {
48 | try {
49 | //服务器授信证书
50 | // trust_input = context.getResources().getAssets().open("client.bks");
51 | //客户端证书
52 | client_input = context.getResources().getAssets().open("ca.p12");
53 | sslContext = SSLContext.getInstance("TLS");
54 | // KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
55 | // trustStore.load(trust_input, KEY_STORE_TRUST_PASSWORD.toCharArray());
56 | KeyStore keyStore = KeyStore.getInstance(KEY_STORE_TYPE_P12);
57 | keyStore.load(client_input, KEY_STORE_PASSWORD.toCharArray());
58 | // TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
59 | // trustManagerFactory.init(trustStore);
60 | KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
61 | keyManagerFactory.init(keyStore, KEY_STORE_PASSWORD.toCharArray());
62 | sslContext.init(keyManagerFactory.getKeyManagers(),new TrustManager[]{new TrustAllCerts()}, new SecureRandom());
63 | // SSLSocketFactory factory = sslContext.getSocketFactory();
64 |
65 | } catch (Exception e) {
66 | e.printStackTrace();
67 | Log.e("tyl","Exception="+e.getMessage());
68 | } finally {
69 | try {
70 | // trust_input.close();
71 | client_input.close();
72 | } catch (IOException e) {
73 | e.printStackTrace();
74 | Log.e("tyl","Exception="+e.getMessage());
75 | }
76 | }
77 |
78 | }
79 |
80 | @Override
81 | public WebResourceResponse shouldInterceptRequest(WebView view, String url) {
82 | return processRequest(Uri.parse(url));
83 | }
84 |
85 | @TargetApi(Build.VERSION_CODES.LOLLIPOP)
86 | @Override
87 | public WebResourceResponse shouldInterceptRequest(WebView view, WebResourceRequest request) {
88 | return processRequest(request.getUrl());
89 | }
90 |
91 | private WebResourceResponse processRequest(Uri uri) {
92 | try {
93 | //设置连接
94 | URL url = new URL(uri.toString());
95 | HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection();
96 | //为request设置SSL Socket Factory
97 | urlConnection.setSSLSocketFactory(sslContext.getSocketFactory());
98 |
99 | urlConnection.setHostnameVerifier(new HostnameVerifier() {
100 | @Override
101 | public boolean verify(String hostname, SSLSession session) {
102 | return true;
103 | }
104 | });
105 |
106 | //获取请求的内容、contentType、encoding
107 | InputStream inputStream = urlConnection.getInputStream();
108 | String contentType = urlConnection.getContentType();
109 | String encoding = urlConnection.getContentEncoding();
110 | if (null != contentType){
111 | String mimeType = contentType;
112 | if (contentType.contains(";")){
113 | mimeType = contentType.split(";")[0].trim();
114 | }
115 | //返回新的response
116 | return new WebResourceResponse(mimeType, encoding, inputStream);
117 | }
118 |
119 | } catch (MalformedURLException e) {
120 | e.printStackTrace();
121 | } catch (IOException e) {
122 | e.printStackTrace();
123 | }
124 | return null;
125 | }
126 |
127 | private TrustManager[] prepareTrustManager(InputStream... certificates) {
128 | if (certificates == null || certificates.length <= 0){
129 | return null;
130 | }
131 | try {
132 | CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
133 | KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
134 | keyStore.load(null);
135 | int index = 0;
136 | for (InputStream certificate : certificates) {
137 | String certificateAlias = Integer.toString(index++);
138 | keyStore.setCertificateEntry(certificateAlias, certificateFactory.generateCertificate(certificate));
139 | try {
140 | if (certificate != null)
141 | certificate.close();
142 | } catch (IOException e){
143 |
144 | }
145 | }
146 | TrustManagerFactory trustManagerFactory = null;
147 | trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
148 | trustManagerFactory.init(keyStore);
149 | TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
150 | return trustManagers;
151 | } catch (NoSuchAlgorithmException e) {
152 | e.printStackTrace();
153 | } catch (CertificateException e) {
154 | e.printStackTrace();
155 | } catch (KeyStoreException e) {
156 | e.printStackTrace();
157 | } catch (Exception e) {
158 | e.printStackTrace();
159 | }
160 | return null;
161 |
162 | }
163 |
164 | private KeyManager[] prepareKeyManager(InputStream bksFile, String password) {
165 | try {
166 | if (bksFile == null || password == null){
167 | return null;
168 | }
169 | KeyStore clientKeyStore = KeyStore.getInstance("BKS");
170 | clientKeyStore.load(bksFile, password.toCharArray());
171 | KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
172 | keyManagerFactory.init(clientKeyStore, password.toCharArray());
173 | return keyManagerFactory.getKeyManagers();
174 | } catch (KeyStoreException e) {
175 | e.printStackTrace();
176 | } catch (NoSuchAlgorithmException e) {
177 | e.printStackTrace();
178 | } catch (UnrecoverableKeyException e) {
179 | e.printStackTrace();
180 | } catch (CertificateException e) {
181 | e.printStackTrace();
182 | } catch (IOException e) {
183 | e.printStackTrace();
184 | } catch (Exception e) {
185 | e.printStackTrace();
186 | }
187 | return null;
188 | }
189 |
190 | private static X509TrustManager chooseTrustManager(TrustManager[] trustManagers) {
191 | for (TrustManager trustManager : trustManagers) {
192 | if (trustManager instanceof X509TrustManager) {
193 | return (X509TrustManager) trustManager;
194 | }
195 | }
196 | return null;
197 | }
198 |
199 | public static class MyTrustManager implements X509TrustManager{
200 | private X509TrustManager defaultTrustManager;
201 | private X509TrustManager localTrustManager;
202 |
203 | public MyTrustManager(X509TrustManager localTrustManager) throws NoSuchAlgorithmException, KeyStoreException {
204 | TrustManagerFactory var4 = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
205 | var4.init((KeyStore) null);
206 | defaultTrustManager = chooseTrustManager(var4.getTrustManagers());
207 | this.localTrustManager = localTrustManager;
208 | }
209 |
210 | @Override
211 | public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
212 |
213 | }
214 |
215 | @Override
216 | public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
217 | try {
218 | defaultTrustManager.checkServerTrusted(chain, authType);
219 | } catch (CertificateException ce) {
220 | localTrustManager.checkServerTrusted(chain, authType);
221 | }
222 | }
223 |
224 | @Override
225 | public X509Certificate[] getAcceptedIssuers() {
226 | return new X509Certificate[0];
227 | }
228 | }
229 |
230 | public static class UnSafeTrustManager implements X509TrustManager {
231 | @Override
232 | public void checkClientTrusted(X509Certificate[] chain, String authType)
233 | throws CertificateException {
234 | }
235 |
236 | @Override
237 | public void checkServerTrusted(X509Certificate[] chain, String authType)
238 | throws CertificateException {
239 | }
240 |
241 | @Override
242 | public X509Certificate[] getAcceptedIssuers() {
243 | return new java.security.cert.X509Certificate[]{};
244 | }
245 | }
246 |
247 |
248 | }
249 |
--------------------------------------------------------------------------------