现在google play对https有比较严格的审核,所以不能用httpclient来跳过https验证
参考文章:
1.https://developer.android.com/training/articles/security-ssl.html#HttpsExample
2.http://www.codeproject.com/Articles/826045/Android-security-Implementation-of-Self-signed-SSL
public class HttpsRequestUtil {
/**
* @param url
* @return result
*/
private static final int SET_CONNECTION_TIMEOUT = 15 * 1000;
private static final int SET_READ_TIMEOUT = 15 * 1000;
private static final int SET_SOCKET_TIMEOUT = 15 * 1000;
public static String doHttpsRequest(String requestURL, Context mContext,String cerFile ){
MyLogCat.d(Constants.TAG,"doHttpsRequest requestURL = " + requestURL);
String resutl = null;
CertificateFactory cf;
try {
cf = CertificateFactory.getInstance("X.509");
AssetManager am = mContext.getAssets();
InputStream caInput = new BufferedInputStream(am.open(cerFile));
Certificate ca;
try {
ca = cf.generateCertificate(caInput);
// System.out.println("ca=" + ((X509Certificate) ca).getSubjectDN());
} finally {
try {
caInput.close();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
// Create a KeyStore containing our trusted CAs
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
keyStore.setCertificateEntry("ca", ca);
// Create a TrustManager that trusts the CAs in our KeyStore
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
// Create an SSLContext that uses our TrustManager
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
// Tell the URLConnection to use a SocketFactory from our SSLContext
/*URL url = new URL("https://certs.cac.washington.edu/CAtest/");*/
javax.net.ssl.SSLSocketFactory sslSocket = context.getSocketFactory();
HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
URL url = new URL(requestURL);
HttpsURLConnection urlConnection =
(HttpsURLConnection)url.openConnection();
urlConnection.setSSLSocketFactory(context.getSocketFactory());
urlConnection.setHostnameVerifier(hostnameVerifier);
urlConnection.setConnectTimeout(SET_CONNECTION_TIMEOUT);
urlConnection.setReadTimeout(SET_READ_TIMEOUT);
InputStream in = urlConnection.getInputStream();
//copyInputStreamToOutputStream(in, System.out);
BufferedReader reader = new BufferedReader(new InputStreamReader(in));
StringBuilder sb = new StringBuilder();
String line = null;
try {
while ((line = reader.readLine()) != null) {
sb.append(line);
}
} catch (IOException e) {
e.printStackTrace();
} finally {
try {
in.close();
} catch (IOException e) {
e.printStackTrace();
}
}
if (sb!=null){
resutl = sb.toString();
}
} catch (CertificateException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (FileNotFoundException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (NoSuchAlgorithmException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (KeyStoreException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (KeyManagementException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (MalformedURLException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (IOException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
MyLogCat.d(Constants.TAG,"doHttpsRequest reuslt = " + resutl);
return resutl;
}
}
相关推荐
The only guide available on the subject, Network Security with OpenSSLdetails the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges. ...
Ivan Ristic is a security researcher, engineer, and author, known especially for his contributions to the web application firewall field and development of ModSecurity, an open source web application ...
1. SSL, TLS, and Cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Transport Layer Security 1...
Implement IPsec site-to-site VPN tunnels and SSL remote client VPN. Configure the SRX as a next-generation firewall (NGFW). Configure Unified Threat Management (UTM). Configure the automated...
ciphers="SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_...
• Web server security - detailed technical information about SSL (Secure Socket Layer), TLS (Transport Layer Security), host security, server access methods, and secure CGI/API programming. • ...
William Stallings' "Cryptography and Network Security - 5e" offers a comprehensive guide to the field, providing students and professionals with a solid understanding of the fundamental principles and...
Industrial-grade protocols such as SSL/TLS, Kerberos and even the huge SET protocol suite [37] can then be tackled. Although these proofs are far from automatic, the effort needed to undertake them ...
Chapter 1: The Android Security Model – the Big Picture 7 Installing with care 7 Android platform architecture 9 Linux kernel 9 Middleware 11 Dalvik virtual machine 11 Application layer 11 Android ...
and code your own malware Audit Android and iOS apps using static and dynamic analysis Examine iOS App Data storage and Keychain security vulnerabilities Set up the Wireless Pentesting Lab for Mobile ...
Secure Socket Layer (SSL) and Transport Layer Security (TLS) are the current standards for communicating information securely over the internet. With TLS, all data being transmitted from point A to ...
1.2 Security and state spaces 10 2.1 Example clearance order 26 2.2 Example categories order 27 2.3 Example MLS lattice 28 2.4 The *-Property 30 2.5 The Chinese Wall 32 2.6 Functionality versus ...
Identify and overcome security flaws in your network to get a deeper insight into security analysis This is a fast-paced book that focuses on quick and effective packet captures through practical ...
SSL and TLS Section 4.1. Cryptography Section 4.2. SSL Section 4.3. OpenSSL Section 4.4. Apache and SSL Section 4.5. Setting Up a Certificate Authority Section 4.6. Performance ...
The Radia Perlman Series in Computer Networking and Security Acknowledgments Chapter 1. Introduction Section 1.1. Roadmap to the Book Section 1.2. What Type of Book Is This? Section 1.3. ...
You’ll begin by installing and tuning Kali Linux 2 on Raspberry Pi 3 and then get started with penetration testing. You will be exposed to various network security scenarios such as wireless security...
You will also learn how to plan and perform various attacks such as man-in-the-middle, password cracking, bypassing SSL encryption, compromising systems using various toolkits, and many more....
SSL Offloading and SSL Security APV Series provides industry-leading performance and cost per SSL TPS for 2048-bit SSL with advanced client certificate handling for secure application support and easy...
SecureBridge represents clients and servers for SSH, SFTP and SSL protocols as a network security solution. It protects any TCP traffic using SSH or SSL secure transport layer protocols, that provide ...