我正在使用从启用的协议中删除 SSLv3 的自定义 SSLSocketFactory 类。我无法弄清楚如何将 Truststore 附加到设置为 HttpsURLConnection 的套接字工厂。到目前为止,我看到的所有示例都使用 org.apache.http.conn.ssl.SSLSocketFactory。
public static void getNewHttpClient() {
try {
KeyStore trustStore = KeyStore.getInstance(KeyStore
.getDefaultType());
trustStore.load(null, null);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream caInput = BTApplication.getContextApplication()
.getResources().openRawResource(R.raw.ca);
Certificate ca;
try {
ca = cf.generateCertificate(caInput);
} finally {
caInput.close();
}
trustStore.setCertificateEntry("ca", ca);
SSLSocketFactory sf = new MySSLSocketFactory(trustStore);
// sf.
sf.setHostnameVerifier(SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory
.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 443));
ClientConnectionManager ccm = new ThreadSafeClientConnManager(
params, registry);
// return
client = new DefaultHttpClient(ccm, params);
setDefaultRetryHandler();
} catch (Exception e) {
}
}