问题描述
我使用 Okhttp 进行证书固定。如果我使用证书生成器如下
val certificatePinner = CertificatePinner.Builder()
.add("2.54.3.88","sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=")
.build()
builder.addInterceptor(interceptor)
.certificatePinner(certificatePinner)
我收到异常“未找到证书路径的信任锚”
但在证书固定之前,如果我输入以下代码
val trustAllCerts: Array<TrustManager> = arrayOf(object : X509TrustManager {
override fun checkClientTrusted(chain: Array<out java.security.cert.X509Certificate>?,authType: String?) {
}
override fun checkServerTrusted(chain: Array<out java.security.cert.X509Certificate>?,authType: String?) {
}
override fun getAcceptedIssuers(): Array<out java.security.cert.X509Certificate>? = arrayOf()
})
// Install the all-trusting trust manager
val sslContext = SSLContext.getInstance("SSL")
sslContext.init(null,trustAllCerts,SecureRandom())
// Create an ssl socket factory with our all-trusting manager
val sslSocketFactory = sslContext.socketFactory
if (trustAllCerts.isNotEmpty() && trustAllCerts.first() is X509TrustManager) {
builder.sslSocketFactory(sslSocketFactory,trustAllCerts.first() as X509TrustManager)
builder.hostnameVerifier { hostname,session -> true }
}
} catch (e: Exception) {
}
val certificatePinner = CertificatePinner.Builder()
.add("2.54.3.88","sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=")
.build()
builder.addInterceptor(interceptor)
.certificatePinner(certificatePinner)
我收到“证书固定失败”异常,如下所示
Response Failure: Certificate pinning failure!
Peer certificate chain:
Pinned certificates for 2.54.3.88:sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
根据 this 博客在证书锁定失败异常的情况下,Okhttp 应该为您提供服务器的证书公钥哈希。但是我在对等证书链中得到空响应:
P.S:上面的主机名和 SSL 公钥不是真实的,但即使我使用真实的,我仍然得到相同的结果
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)