`

android javax.net.ssl.SSLPeerUnverifiedException: No peer certificate

阅读更多
最近做项目,界面有选择使用SSL登陆或非SSL登陆,发现本来可以登陆的程序刷系统或者换机器登陆不了,痛苦了好一会儿,解决了,如下为解决方案,项目中用的挺帅的

第一步:编写SSLSocketFactoryEx,以代替原有的SSLSocketFactory,代码如下
import org.apache.http.conn.ssl.SSLSocketFactory;
public class SSLSocketFactoryEx extends SSLSocketFactory {     
     
    SSLContext sslContext = SSLContext.getInstance("TLS");     
     
    public SSLSocketFactoryEx(KeyStore truststore)     
            throws NoSuchAlgorithmException, KeyManagementException,     
            KeyStoreException, UnrecoverableKeyException {     
        super(truststore);     
     
        TrustManager tm = new X509TrustManager() {     
     
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {     
                return null;     
            }     
     
            @Override     
            public void checkClientTrusted(     
                    java.security.cert.X509Certificate[] chain, String authType)     
                    throws java.security.cert.CertificateException {     
     
            }     
     
            @Override     
            public void checkServerTrusted(     
                    java.security.cert.X509Certificate[] chain, String authType)     
                    throws java.security.cert.CertificateException {     
     
            }     
        };     
     
        sslContext.init(null, new TrustManager[] { tm }, null);     
    }     
     
    @Override     
    public Socket createSocket(Socket socket, String host, int port,     
            boolean autoClose) throws IOException, UnknownHostException {     
        return sslContext.getSocketFactory().createSocket(socket, host, port,     
                autoClose);     
    }     
     
    @Override     
    public Socket createSocket() throws IOException {     
        return sslContext.getSocketFactory().createSocket();     
    }     



第二步:编写新的HttpClient  getNewHttpClient来代替原有DefaultHttpClient,代码如下:
public static HttpClient getNewHttpClient() {
   try {
       KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
       trustStore.load(null, null);

       SSLSocketFactory sf = new SSLSocketFactoryEx(trustStore);
       sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

       HttpParams params = new BasicHttpParams();
       HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
       HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);

       SchemeRegistry registry = new SchemeRegistry();
       registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
       registry.register(new Scheme("https", sf, 443));

       ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);

       return new DefaultHttpClient(ccm, params);
   } catch (Exception e) {
       return new DefaultHttpClient();
   }
}

第三步;接着在项目里把所有获得HttpClient实例通过DefaultHttpClient,都改成从
getNewHttpClient获取
//HttpClient hc = new DefaultHttpClient(httpParams);
//modified by lucky.lan@2012/05/10
HttpClient hc = ConnectionManager.getNewHttpClient() ;
分享到:
| sqlite转换日期格式
评论
5 楼 kevin_liao 2015-10-23  
非常感谢,,各种尝试,用了之后就OK了。。世界突然就安静了
4 楼 202013 2014-10-28  
非常感谢,正在做https的 
3 楼 coder_dai 2013-12-26  
赞一个,十分感谢!
2 楼 Trinea 2013-08-28  
可通过客户端信任所有证书或是服务器端添加证书两种方式解决,具体原因分析及解决方式见:http://www.trinea.cn/android/android-java-https-ssl-exception-2/
1 楼 IEee802x 2013-01-31  
十分感谢,项目需要分享微博,刚开始一直报验证异常,用了你的方法,发送微博成功。
发表评论

您还没有登录,请您登录后再发表评论

相关推荐

Magicbox
Global site tag (gtag.js) - Google Analytics