SSL证书与Picasso钉扎

Question

我正在使用Picasso来缓存图像.我们的后端最近使用自签名证书固定作为身份验证切换到HTTPS.我使用khandroid库创建一个HTTP客户端,将证书固定到每个请求; 基本上遵循这个例子.

http://ogrelab.ikratko.com/using-android-volley-with-self-signed-certificate/

我现在需要将同样的概念应用于毕加索,但我不确定如何修改Picasso的单例以使用固定的SSL证书.

Answer 1

事实证明我只是在寻找错误的地方.我试图修改OkHttpDownloader,但我需要修改OkHttpClient.这是一些示例代码.

public static Picasso getInstance(Context context) {
        if (sPicasso == null) {
            InputStream keyStore = context.getResources().openRawResource(R.raw.my_keystore);
            Picasso.Builder builder = new Picasso.Builder(context);
            OkHttpClient okHttpClient = new OkHttpClient();
            SSLContext sslContext;
            try {
                sslContext = SSLContext.getInstance("TLS");
                sslContext.init(null, new TrustManager[]{new SsX509TrustManager(keyStore, password)}, null);
                okHttpClient.setSslSocketFactory(sslContext.getSocketFactory());
                OkHttpDownloader okHttpDownloader = new OkHttpDownloader(okHttpClient);
                builder.downloader(okHttpDownloader);
                sPicasso = builder.build();
            } catch (NoSuchAlgorithmException e) {
                throw new IllegalStateException("Failure initializing default SSL context", e);
            } catch (KeyManagementException e) {
                throw new IllegalStateException("Failure initializing default SSL context", e);
            } catch (GeneralSecurityException e) {
                e.printStackTrace();
            }
        }

        return sPicasso;
    }