问题描述
我们将以下代码用于SSL固定。但是,当我们尝试使用带有过期证书的HttpsURLConnection建立网络连接时,此类下的类不会引发异常。如果此代码有任何问题,请告诉我们。
import android.content.Context;
import java.io.BufferedInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
public class SslUtils {
private SslUtils() {
//Implementation not required
}
public static SSLContext getSslContextForCertificateFile(Context context,int fileName) {
try {
KeyStore keyStore = SslUtils.getKeyStore(context,fileName);
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
sslContext.init(null,trustManagerFactory.getTrustManagers(),new SecureRandom());
return sslContext;
} catch (Exception e) {
String msg = "Error during creating SslContext for certificate from assets";
throw new RuntimeException(msg);
}
}
private static KeyStore getKeyStore(Context context,int fileName) {
KeyStore keyStore = null;
try {
try (InputStream caInput = new BufferedInputStream(context
.getResources().openRawResource(fileName))) {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Certificate ca;
ca = cf.generateCertificate(caInput);
TraceUtils.logE("SslUtils","SslUtils: no err: generateCertificate: ca=" + ((X509Certificate) ca).getSubjectDN());
String keyStoreType = KeyStore.getDefaultType();
keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null,null);
keyStore.setCertificateEntry("ca",ca);
}
} catch (Exception e) {
TraceUtils.logE("SslUtils","SslUtils:getKeyStore: " + e);
}
return keyStore;
}
}
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)