本文介绍了Android的/ Java的 - 如何建立HTTPS连接?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我这里code,允许我连接到HTTPS服务器和传输数据。它工作得很好,但我想知道如果我做了正确的方式,我其实做一个安全的连接。请检查我的工作。谢谢你。

I have code here that allows me to connect to https servers and transfer data. It works just fine, but I want to know if I'm doing it the right way and I'm actually making a secure connection. Please check my work. Thanks.

public class HTTPSClient extends DefaultHttpClient
{

    public HTTPSClient()
    {
    }

    @Override
    protected ClientConnectionManager createClientConnectionManager()
    {
        SchemeRegistry registry = new SchemeRegistry();

        HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
        final SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
        socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
        //socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

        registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
        registry.register(new Scheme("https", socketFactory, 80));
        registry.register(new Scheme("https", socketFactory, 443));
        HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);

        HttpParams params = new BasicHttpParams();
        HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
        HttpProtocolParams.setContentCharset(params, "UTF-8");

        return new SingleClientConnManager(params, registry);
    }
}

我用这个code像这样:

I use this code like so:

HttpResponse response = mConnection.httpsClient.execute(new HttpHost("www.somehostname.com", 80), new HttpGet("https://someaddress")));

然后我读那里的响应。再次感谢。

I then read the response from there.Thanks again.

推荐答案

看看官方Custom SSL上下文来自Apache的HttpClient 的教程。

斯蒂芬ç提到的,你不需要注册端口80用于HTTPS环境。注册它,而不是用于HTTP(如果neccessary的话)。这意味着,当你调用一个HTTPS URL,适当的SocketFactory,按照指定的,将被使用。

As Stephen C mentioned, you don't need to register port 80 for the https context. Register it instead for http (if neccessary at all). This means, when you call a https url, the appropriate socketFactory, as you specified, will be used.

注:在大多数情况下收到证书不被信任或类似的异常,当您从Android设备连接到站点,从不太知名发行商定制的证书或证书。如果是这样的话,你需要创建一个自定义的证书存储您的应用程序,这样它会信任你的服务器证书。如果你想知道的热来实现这一点,你可以看看我的博客文章

NOTE: You will receive in most cases a "Certificate not trusted" or similar exception when you connect from Android devices to sites with custom certificates or certificates from not very well known issuers. If this is the case, you need to create a custom certificate store for your application, so that it will trust your server certificates. If you want to know hot to achieve this, you can look at my blog article

如果您要检查,如果您的设备确实是通过安全连接进行通信,可以拨打电话到HTTPS端点从Android模拟器,并捕获与流量的您的开发机器上。

If you want to check, if your device is really communicating via a secured connection, you could make the call to the https endpoint from your android emulator and capture the traffic with Wireshark on your developer machine.

希望这有助于

这篇关于Android的/ Java的 - 如何建立HTTPS连接?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-14 00:18