嗨,我有一种情况,我想SSL pinning在Android应用程序上删除。
这是我拥有的执行 SSL 的代码pinning。
private AsyncHttpClient m_asyncHttpClient;
m_asyncHttpClient.setSSLSocketFactory(getSSLSocketFactory());
private static SSLSocketFactory getSSLSocketFactory(){
try {
// Get an instance of the Bouncy Castle KeyStore format
KeyStore trusted = KeyStore.getInstance("BKS");
// Get the raw resource, which contains the pinnedcert with
// your trusted certificates (root and any intermediate certs)
InputStream in = DPApp.getInstance().getResources().openRawResource(R.raw.XXXXX);
try {
// Initialize the pinnedcert with the provided trusted certificates
// Also provide the password of the pinnedcert
trusted.load(in, "XXX".toCharArray());
trusted.size();
} finally {
in.close();
}
// Pass the pinnedcert to the SSLSocketFactory. The factory is responsible
// for the verification of the server certificate.
SSLSocketFactory sf = new SSLSocketFactory(trusted);
// Hostname verification from certificate
// http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506
sf.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);
return sf;
} catch (Exception e) {
throw new AssertionError(e);
}
}
我试图评论 setSSLSocketFactory 行,但这给了我一个错误
java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
我知道服务器certificate已过期,但现在我只想SSL从应用程序中删除固定。
Android请从代码中获得有关最佳方法的任何建议。