webView、Glidle加载https的解决办法
2018-01-23 本文已影响0人
神情自若
webView、Glidle默认是不处理https的,所以当我们再用原来的方法加载时就会出现空白情况,以下是解决办法
一:webView 以下是关键代码
private WebViewClient mWebViewClient = new WebViewClient() {
@Override
public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
handler.proceed();//webView默认不会加载https 加上这行代码 接受所有网站的证书
super.onReceivedSslError(view, handler, error);
}
@Override
public boolean shouldOverrideUrlLoading(WebView view, WebResourceRequest request) {
return super.shouldOverrideUrlLoading(view, request);
}
};
二.Glidle
1.添加依赖
compile 'com.github.bumptech.glide:glide:3.7.0'
compile 'com.github.bumptech.glide:okhttp3-integration:1.4.0@aar' //Glidle提供的Module,要加载https必须加上这句代码
2.设置证书
这一步不是必须的,没有证书,就不需要获取,如果有就拿到InputStream
try {
InputStream inputStream = getAssets().open("xxx.cer");
} catch (IOException e) {
e.printStackTrace();
}
3.配置OkHttp
/**
* 设置OkHttpClient 传入证书 inputStream
* */
public static OkHttpClient getOkHttpClient(InputStream... inputStream)
{
SSLSocketFactory sslSocketFactory = HttpsUtils.getSslSocketFactory(inputStream, null, null);
OkHttpClient.Builder builder = new OkHttpClient().newBuilder();
builder = builder.sslSocketFactory(sslSocketFactory);
builder.hostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session)
{
return true;
}
});
return builder.build();
}
4.HttpsUtils 中传递证书进入,如果没有证书就传null
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
/**
* HttpsUtils的配置
*/
public class HttpsUtils{
public static SSLSocketFactory getSslSocketFactory(InputStream[] certificates, InputStream bksFile, String password){
try{
TrustManager[] trustManagers = prepareTrustManager(certificates);
KeyManager[] keyManagers = prepareKeyManager(bksFile, password);
SSLContext sslContext = SSLContext.getInstance("TLS");
TrustManager trustManager = null;
if (trustManagers != null){
trustManager = new MyTrustManager(chooseTrustManager(trustManagers));
} else{
trustManager = new UnSafeTrustManager();
}
sslContext.init(keyManagers, new TrustManager[]{trustManager}, new SecureRandom());
return sslContext.getSocketFactory();
} catch (NoSuchAlgorithmException e){
throw new AssertionError(e);
} catch (KeyManagementException e){
throw new AssertionError(e);
} catch (KeyStoreException e){
throw new AssertionError(e);
}
}
private class UnSafeHostnameVerifier implements HostnameVerifier{
@Override
public boolean verify(String hostname, SSLSession session){
return true;
}
}
private static class UnSafeTrustManager implements X509TrustManager{
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)throws CertificateException{}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)throws CertificateException{}
@Override
public X509Certificate[] getAcceptedIssuers(){
return new X509Certificate[]{};
}
}
private static TrustManager[] prepareTrustManager(InputStream... certificates){
if (certificates == null || certificates.length <= 0) return null;
try{
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null);
int index = 0;
for (InputStream certificate : certificates){
String certificateAlias = Integer.toString(index++);
keyStore.setCertificateEntry(certificateAlias, certificateFactory.generateCertificate(certificate));
try{
if (certificate != null)
certificate.close();
} catch (IOException e){
}
}
TrustManagerFactory trustManagerFactory = null;
trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
return trustManagers;
} catch (NoSuchAlgorithmException e){
e.printStackTrace();
} catch (CertificateException e){
e.printStackTrace();
} catch (KeyStoreException e){
e.printStackTrace();
} catch (Exception e){
e.printStackTrace();
}
return null;
}
private static KeyManager[] prepareKeyManager(InputStream bksFile, String password){
try{
if (bksFile == null || password == null) return null;
KeyStore clientKeyStore = KeyStore.getInstance("BKS");
clientKeyStore.load(bksFile, password.toCharArray());
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(clientKeyStore, password.toCharArray());
return keyManagerFactory.getKeyManagers();
} catch (KeyStoreException e){
e.printStackTrace();
} catch (NoSuchAlgorithmException e){
e.printStackTrace();
} catch (UnrecoverableKeyException e){
e.printStackTrace();
} catch (CertificateException e){
e.printStackTrace();
} catch (IOException e){
e.printStackTrace();
} catch (Exception e){
e.printStackTrace();
}
return null;
}
private static X509TrustManager chooseTrustManager(TrustManager[] trustManagers){
for (TrustManager trustManager : trustManagers){
if (trustManager instanceof X509TrustManager){
return (X509TrustManager) trustManager;
}
}
return null;
}
private static class MyTrustManager implements X509TrustManager{
private X509TrustManager defaultTrustManager;
private X509TrustManager localTrustManager;
public MyTrustManager(X509TrustManager localTrustManager) throws NoSuchAlgorithmException, KeyStoreException{
TrustManagerFactory var4 = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
var4.init((KeyStore) null);
defaultTrustManager = chooseTrustManager(var4.getTrustManagers());
this.localTrustManager = localTrustManager;
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException{}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException{
try{
defaultTrustManager.checkServerTrusted(chain, authType);
} catch (CertificateException ce){
localTrustManager.checkServerTrusted(chain, authType);
}
}
@Override
public X509Certificate[] getAcceptedIssuers(){
return new X509Certificate[0];
}
}
}
5.初始化glidle 这一步在Application中初始化 把OkHttpClient的设置 传到最后一个参数xxx
//如果你使用的网络框架已经封装好了 你可以直接设置OkHttpClient 小编这里用的OKGO
// 信任所有证书,不安全有风险
// HttpsUtils.SSLParams sslParams1 = HttpsUtils.getSslSocketFactory();
// builder.sslSocketFactory(sslParams1.sSLSocketFactory, sslParams1.trustManager);
//okgo初始化
//OkGo.getInstance().init(this) //必须调用初始化
// .setOkHttpClient(builder.build()) //必须设置OkHttpClient
// .setRetryCount(0); //全局统一超时重连次数,不需要可以设置为0
//初始化glidle 支持https
// Glide.get(this).register(GlideUrl.class, InputStream.class, new OkHttpUrlLoader.Factory(builder.build()));
Glide.get(this).register(GlideUrl.class, InputStream.class, new OkHttpUrlLoader.Factory(xxx));
