use*_*230 5 android client-certificates pinning sslsocketfactory okhttp3
我正在尝试导入我自己的BKS文件,其中包含我的自签名证书,但我遇到了okHTTP的问题.我想用bks文件做这个,我也通过sha512 /得到它.
我从几个教程中得到了这个代码,我知道问题在于,但无法修复它.
import android.content.Context;
import android.util.Log;
import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;
public class Pinning
{
Context context;
public static String TRUST_STORE_PASSWORD = "your_secret";
private static final String ENDPOINT = "https://api.yourdomain.com/";
public Pinning(Context c) {
this.context = c;
}
private SSLSocketFactory getPinnedCertSslSocketFactory(Context context) {
try {
KeyStore trusted = KeyStore.getInstance("BKS");
InputStream in = context.getResources().openRawResource(R.raw.mytruststore);
trusted.load(in, "mypass".toCharArray());
SSLContext sslContext = SSLContext.getInstance("TLS");
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trusted);
sslContext.init(null, trustManagerFactory.getTrustManagers(), null);
return sslContext.getSocketFactory();
} catch (Exception e) {
Log.e("MyApp", e.getMessage(), e);
}
return null;
}
public void makeRequest() {
try {
OkHttpClient client = new OkHttpClient().sslSocketFactory(getPinnedCertSslSocketFactory(this.context));
Request request = new Request.Builder()
.url(ENDPOINT)
.build();
Response response = client.newCall(request).execute();
Log.d("MyApp", response.body().string());
} catch (Exception e) {
Log.e("MyApp", e.getMessage(), e);
}
}
}
现在我在以下行中收到以下错误:
OkHttpClient client = new OkHttpClient().sslSocketFactory(getPinnedCertSslSocketFactory(this.context)).;
错误:
okHTTPClient中的SSLSocketFactory无法应用于javax.net.SSLSocketFactory.
如果你在导入中查看,你会看到来自javax的以下3个.
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
所以我得到了一个错配.好像我需要一个okHTTP - sslSocketFactory和我的bks文件.但我找不到一个有效的解释.我也在使用okHTTP 3.3.1
compile 'com.squareup.okhttp3:okhttp:3.3.1'
我在这里找到了解释/解决方案:如何使用Square OKHTTP固定证书?.正如先前所说.我想使用bks文件,而不是sha512 /方法.
因此,我需要知道,如何将javax.ssl.Factory解析为okHTTP-sslFactory或如何使用generate bks文件创建okHTTPsslFactory.
此外,方法setSSLSocketFactory在okHTTP 3.1.1中不再可用.
非常感谢您的帮助,感谢您抽出宝贵时间来解决这个问题!
您应该使用以下语法
OkHttpClient client = new OkHttpClient.Builder()
.sslSocketFactory(getPinnedCertSslSocketFactory(this.context))
.build();
| 归档时间: |
|
| 查看次数: |
1184 次 |
| 最近记录: |