CheckServerTrusted是在使用我的服务器进行初始化时调用的。
然而,在初始化谷歌地图时,checkServerTrusted也会被调用。
是否可以以某种方式限制checkServerTrusted仅用于初始化与我的服务器的连接?
所以我想检查ServerTrusted,以便在初始化和我的服务器的连接时被调用。
//CustomOkHttpClient
public static OkHttpClient.Builder getCustomOkHttpClient() {
try {
TrustManagerFactory tmf = TrustManagerFactory.getInstance(
TrustManagerFactory.getDefaultAlgorithm());
tmf.init((KeyStore)null);
TrustManager[] trustManagers = tmf.getTrustManagers();
final X509TrustManager origTrustmanager = (X509TrustManager)trustManagers[0];
TrustManager[] wrappedTrustManagers = new TrustManager[]{
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return origTrustmanager.getAcceptedIssuers();
}
public void checkClientTrusted(X509Certificate[] certs, String authType) throws CertificateException {
origTrustmanager.checkClientTrusted(certs, authType);
}
public void checkServerTrusted(X509Certificate[] certs, String authType) throws CertificateException {
origTrustmanager.checkServerTrusted(certs, authType);
}
};
//ApiClient
val builder = CustomOkHttpClient.getCustomOkHttpClient();
client = builder.build()
val retrofit = Retrofit.Builder()
.baseUrl(baseUrl)
.client(client)
.addConverterFactory(GsonConverterFactory.create(gson))
.build()
return retrofit.create(ApiInterface::class.java)
您可以使用允许列出具有无效证书的特定服务器
val clientCertificates = HandshakeCertificates.Builder()
.addPlatformTrustedCertificates()
.addInsecureHost(server.hostName)
.build()
val client = OkHttpClient.Builder()
.sslSocketFactory(clientCertificates.sslSocketFactory(), clientCertificates.trustManager)
.build()
中的代码https://github.com/square/okhttp/blob/f8fd4d08decf697013008b05ad7d2be10a648358/okhttp-tls/src/main/kotlin/okhttp3/tls/internal/InsecureAndroidTrustManager.kt向您展示如何在Android 上实现
对于JDKhttps://github.com/square/okhttp/blob/f8fd4d08decf697013008b05ad7d2be10a648358/okhttp-tls/src/main/kotlin/okhttp3/tls/internal/InsecureExtendedTrustManager.kt