问题描述
主机名验证器
您的应用正在使用 HostnameVerifier 接口的不安全实现。您可以在这篇 Google 帮助中心文章中找到有关如何解决问题的更多信息。
okHttpClientBuilder.hostnameVerifier((hostname,session) -> {
Certificate[] certs;
try {
certs = session.getPeerCertificates();
//Log.e(TAG,"getHttpClient: "+certs[0] );
} catch (SSLException e) {
Log.e(TAG,"getHttpClient: "+e.getMessage() );
return false;
}
X509Certificate x509 = (X509Certificate) certs[0];
// We can be case-insensitive when comparing the host we used to
// establish the socket to the hostname in the certificate.
String hostName = hostname.trim().toLowerCase(Locale.ENGLISH);
// Verify the first CN provided. Other CNs are ignored. Firefox,wget,// curl,and Sun Java work this way.
String firstCn = getFirstCn(x509);
System.out.println(TAG + ": firstCn: " + firstCn);
Log.e(TAG,"getHttpClient:1 "+hostName +" "+firstCn );
if (matches(hostName,firstCn)) {
Log.e(TAG,"getHttpClient:2 "+hostName+" "+firstCn );
return true;
}
for (String cn : getDNSSubjectAlts(x509)) {
if (matches(hostName,cn)) {
Log.e(TAG,"getHttpClient: True" );
return true;
}
}
Log.e(TAG,"getHttpClient: False" );
return false;
});
return okHttpClientBuilder.build();
}
private static String getFirstCn(X509Certificate cert) {
String subjectPrincipal = cert.getSubjectX500Principal().toString();
Log.e(TAG,"getFirstCn: "+subjectPrincipal );
for (String token : subjectPrincipal.split(",")) {
int x = token.indexOf("CN=");
if (x >= 0) {
return token.substring(x + 3);
}
}
return null;
}
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)