我需要信任管理器的默认实现的源代码
Android使用几个不同的信任经理。许多代码都在扩展到Google Canccrypt库。这里有一个示例
这里还有另一个非传统示例。它主要是委托呼叫。在我公认的很小的经验中,代表是上面提到的征服信托经理之一。
您可以尝试使用这种方式。我相信这是最好的做法。
try {
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init((KeyStore) null);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
X509TrustManager trustManager = (X509TrustManager) trustManagers[0];
httpClient.sslSocketFactory(getSSLConfig(getApplicationContext()).getSocketFactory(), trustManager);
} catch (Exception e) {
Timber.e(String.valueOf(e));
}
private static SSLContext getSSLConfig(Context context) throws CertificateException, IOException,
KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Certificate ca;
try (InputStream cert = context.getResources().openRawResource(R.raw.yourCERT)) {
ca = cf.generateCertificate(cert);
}
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
keyStore.setCertificateEntry("ca", ca);
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, tmf.getTrustManagers(), null);
return sslContext;
}