解决Android7.0无法抓包的问题

问题

连上代理之后，装上代理的证书。然后7.0手机还是无法抓包。问题是因为7.0的系统，app内不再默认信任用户的证书了。

一般解决方案

app配置信任用户证书。

//mainifest中配置
<application
        android:networkSecurityConfig="@xml/network_security_config"
        ...
//新建xml/network_sercurity_config文件
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <base-config>
        <trust-anchors>
            <certificates src="user"/>
        </trust-anchors>
    </base-config>
</network-security-config>

配置的具体含义，可以查看：
https://developer.android.google.cn/training/articles/security-config?hl=zh-cn#trust-anchors

okhttp的另外一种解决方案

让okhttp的请求信任自定义的证书（或信任所有）

//调用方
    OkHttpClient mOkHttpClient = new OkHttpClient.Builder()
            .sslSocketFactory(OkhttpSslUtils.createSSLSocketFactory(), new OkhttpSslUtils.TrustAllManager())
            .build();

//工具类
public class OkhttpSslUtils {

    public static SSLSocketFactory createSSLSocketFactory() {

        SSLSocketFactory sSLSocketFactory = null;

        try {
            SSLContext sc = SSLContext.getInstance("TLS");
            sc.init(null, new TrustManager[]{new TrustAllManager()},
                    new SecureRandom());
            sSLSocketFactory = sc.getSocketFactory();
        } catch (Exception e) {
        }

        return sSLSocketFactory;
    }

    public static class TrustAllManager implements X509TrustManager {
        @Override
        public void checkClientTrusted(X509Certificate[] chain, String authType)
                throws CertificateException {
        }

        @Override
        public void checkServerTrusted(X509Certificate[] chain, String authType)
                throws CertificateException {
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }
}