MySSLSocketFactory.getFixedSocketFactory()是什么意思?

JASON-WONG 发布于 2016/05/09 14:34
阅读 540
收藏 0
client.setSSLSocketFactory(MySSLSocketFactory.getFixedSocketFactory());这样用是信任所有证书,跳过证书验证么?
加载中
0
d
dujianchi
//构造方法
public MySSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { super(truststore);

    X509TrustManager tm = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        } public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        } public X509Certificate[] getAcceptedIssuers() { return null;
        }
    }; sslContext.init(null, new TrustManager[]{tm}, null);
}
/**  * Returns a SSlSocketFactory which trusts all certificates  *  * @return SSLSocketFactory  */ public static SSLSocketFactory getFixedSocketFactory() {
    SSLSocketFactory socketFactory; try {
        socketFactory = new MySSLSocketFactory(getKeystore());
        socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    } catch (Throwable t) {
        t.printStackTrace();
        socketFactory = SSLSocketFactory.getSocketFactory();
    } return socketFactory;
}

请养成有问题看源代码的习惯
返回顶部
顶部