dev*_*v93 6 ssl android ssl-certificate webview android-webview
我有一个要在 Android Webview 中打开的网站。该网站使用由COMODO RSA Domain Validation Secure Server CA. 问题是我得到了一个Unkown Certificate Error适用于所有运行版本低于(包括)Android 5 的设备。
我在文档中搜索过,据我所知,问题是 CA 是在 Android 5 发布之前创建的。
我可以做一个handler.proceed();,onReceivedSslError但我想保证应用程序的安全,我认为谷歌无论如何都可以拒绝 Play 商店中的应用程序。
我发现我可以做这样的事情
// Load CAs from an InputStream
// (could be from a resource or ByteArrayInputStream or ...)
CertificateFactory cf = CertificateFactory.getInstance("X.509");
// From https://www.washington.edu/itconnect/security/ca/load-der.crt
InputStream caInput = new BufferedInputStream(new FileInputStream("load-der.crt"));
Certificate ca;
try {
ca = cf.generateCertificate(caInput);
System.out.println("ca=" + ((X509Certificate) ca).getSubjectDN());
} finally {
caInput.close();
}
// Create a KeyStore containing our trusted CAs
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
keyStore.setCertificateEntry("ca", ca);
// Create a TrustManager that trusts the CAs in our KeyStore
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
// Create an SSLContext that uses our TrustManager
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
// Tell the URLConnection to use a SocketFactory from our SSLContext
URL url = new URL("https://certs.cac.washington.edu/CAtest/");
HttpsURLConnection urlConnection =
(HttpsURLConnection)url.openConnection();
urlConnection.setSSLSocketFactory(context.getSocketFactory());
InputStream in = urlConnection.getInputStream();
copyInputStreamToOutputStream(in, System.out);
但问题是我的代码是这样的
myWebView.loadUrl("https://site.domain.com")
如何在我的 Webview 中安装 CA 的证书?
谢谢
| 归档时间: |
|
| 查看次数: |
2289 次 |
| 最近记录: |