现在google play对https有比较严格的审核,所以不能用httpclient来跳过https验证
参考文章:
1.https://developer.android.com/training/articles/security-ssl.html#HttpsExample
2.http://www.codeproject.com/Articles/826045/Android-security-Implementation-of-Self-signed-SSL
public class HttpsRequestUtil {
/**
* @param url
* @return result
*/
private static final int SET_CONNECTION_TIMEOUT = 15 * 1000;
private static final int SET_READ_TIMEOUT = 15 * 1000;
private static final int SET_SOCKET_TIMEOUT = 15 * 1000;
public static String doHttpsRequest(String requestURL, Context mContext,String cerFile ){
MyLogCat.d(Constants.TAG,"doHttpsRequest requestURL = " + requestURL);
String resutl = null;
CertificateFactory cf;
try {
cf = CertificateFactory.getInstance("X.509");
AssetManager am = mContext.getAssets();
InputStream caInput = new BufferedInputStream(am.open(cerFile));
Certificate ca;
try {
ca = cf.generateCertificate(caInput);
// System.out.println("ca=" + ((X509Certificate) ca).getSubjectDN());
} finally {
try {
caInput.close();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
// Create a KeyStore containing our trusted CAs
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
keyStore.setCertificateEntry("ca", ca);
// Create a TrustManager that trusts the CAs in our KeyStore
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
// Create an SSLContext that uses our TrustManager
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
// Tell the URLConnection to use a SocketFactory from our SSLContext
/*URL url = new URL("https://certs.cac.washington.edu/CAtest/");*/
javax.net.ssl.SSLSocketFactory sslSocket = context.getSocketFactory();
HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
URL url = new URL(requestURL);
HttpsURLConnection urlConnection =
(HttpsURLConnection)url.openConnection();
urlConnection.setSSLSocketFactory(context.getSocketFactory());
urlConnection.setHostnameVerifier(hostnameVerifier);
urlConnection.setConnectTimeout(SET_CONNECTION_TIMEOUT);
urlConnection.setReadTimeout(SET_READ_TIMEOUT);
InputStream in = urlConnection.getInputStream();
//copyInputStreamToOutputStream(in, System.out);
BufferedReader reader = new BufferedReader(new InputStreamReader(in));
StringBuilder sb = new StringBuilder();
String line = null;
try {
while ((line = reader.readLine()) != null) {
sb.append(line);
}
} catch (IOException e) {
e.printStackTrace();
} finally {
try {
in.close();
} catch (IOException e) {
e.printStackTrace();
}
}
if (sb!=null){
resutl = sb.toString();
}
} catch (CertificateException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (FileNotFoundException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (NoSuchAlgorithmException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (KeyStoreException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (KeyManagementException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (MalformedURLException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (IOException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
MyLogCat.d(Constants.TAG,"doHttpsRequest reuslt = " + resutl);
return resutl;
}
}
相关推荐
The only guide available on the subject, Network Security with OpenSSLdetails the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges. ...
Ivan Ristic is a security researcher, engineer, and author, known especially for his contributions to the web application firewall field and development of ModSecurity, an open source web application ...
1. SSL, TLS, and Cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Transport Layer Security 1...
Implement IPsec site-to-site VPN tunnels and SSL remote client VPN. Configure the SRX as a next-generation firewall (NGFW). Configure Unified Threat Management (UTM). Configure the automated...
• Web server security - detailed technical information about SSL (Secure Socket Layer), TLS (Transport Layer Security), host security, server access methods, and secure CGI/API programming. • ...
Industrial-grade protocols such as SSL/TLS, Kerberos and even the huge SET protocol suite [37] can then be tackled. Although these proofs are far from automatic, the effort needed to undertake them ...
Chapter 1: The Android Security Model – the Big Picture 7 Installing with care 7 Android platform architecture 9 Linux kernel 9 Middleware 11 Dalvik virtual machine 11 Application layer 11 Android ...
and code your own malware Audit Android and iOS apps using static and dynamic analysis Examine iOS App Data storage and Keychain security vulnerabilities Set up the Wireless Pentesting Lab for Mobile ...
Secure Socket Layer (SSL) and Transport Layer Security (TLS) are the current standards for communicating information securely over the internet. With TLS, all data being transmitted from point A to ...
1.2 Security and state spaces 10 2.1 Example clearance order 26 2.2 Example categories order 27 2.3 Example MLS lattice 28 2.4 The *-Property 30 2.5 The Chinese Wall 32 2.6 Functionality versus ...
The Radia Perlman Series in Computer Networking and Security Acknowledgments Chapter 1. Introduction Section 1.1. Roadmap to the Book Section 1.2. What Type of Book Is This? Section 1.3. ...
Identify and overcome security flaws in your network to get a deeper insight into security analysis This is a fast-paced book that focuses on quick and effective packet captures through practical ...
SSL and TLS Section 4.1. Cryptography Section 4.2. SSL Section 4.3. OpenSSL Section 4.4. Apache and SSL Section 4.5. Setting Up a Certificate Authority Section 4.6. Performance ...
You’ll begin by installing and tuning Kali Linux 2 on Raspberry Pi 3 and then get started with penetration testing. You will be exposed to various network security scenarios such as wireless security...
You will also learn how to plan and perform various attacks such as man-in-the-middle, password cracking, bypassing SSL encryption, compromising systems using various toolkits, and many more....
SecureBridge represents clients and servers for SSH, SFTP and SSL protocols as a network security solution. It protects any TCP traffic using SSH or SSL secure transport layer protocols, that provide ...
subject, Network Security with OpenSSLdetails the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges. Focused on the practical, this ...
Understand various security settings of WCF, and host a WCF service with Basic Authentication, SSL, and Windows Authentication. Explore extension points of WCF and extend a WCF service with custom ...
Starting with recipes demonstrating the ...Increase the security of your distributed applications by adding SSL support Implement a HTTP client easily Use iostreams, scatter-gather buffers, and timers
SecureBridge is a set of network security and data protection solutions that can protect any TCP traffic using SSH or SSL secure transport layer protocols that provide authentication for both client ...