1

我知道 google play 拒绝使用代码来信任所有 ssl 证书的应用程序,但是下面的代码是否会忽略 google play 只允许一个服务器的证书链。

    public class ServiceGenerator {
    public static String PREF_COOKIES = "pref_cookies";
     private static OkHttpClient.Builder httpClient = new   OkHttpClient.Builder();
    private static Retrofit.Builder builder;
    public static <S> S createService(Class<S> serviceClass) {
 return createService(serviceClass, null);
 }
 public static <S> S createService(Class<S> serviceClass, final   HashMap<String, String> headers) {
 builder = new Retrofit.Builder()
 .baseUrl("your service address")
  .addConverterFactory(GsonConverterFactory.create());
 httpClient.sslSocketFactory(getSSLSocketFactory());
 httpClient.hostnameVerifier(new HostnameVerifier() {
 @Override
 public boolean verify(String hostname, SSLSession session) {
 return true;
 }
 });
 OkHttpClient client = httpClient.build();
 Retrofit retrofit = builder.client(client).build();
 return retrofit.create(serviceClass);
  }
  private static SSLSocketFactory getSSLSocketFactory() {
  try {
  // Create a trust manager that does not validate certificate   chains
  final TrustManager[] trustAllCerts = new TrustManager[]{
  new X509TrustManager() {
  @Override
  public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String  authType) throws CertificateException {
  }
  @Override
  public void  checkServerTrusted(java.security.cert.X509Certificate[] chain, String  authType) throws CertificateException {
  }
  @Override
  public java.security.cert.X509Certificate[] getAcceptedIssuers()  {
  return new java.security.cert.X509Certificate[]{};
  }
  }
  };
   // Install the all-trusting trust manager
  final SSLContext sslContext = SSLContext.getInstance("SSL");
  sslContext.init(null, trustAllCerts, new  java.security.SecureRandom());
  // Create an ssl socket factory with our all-trusting manager
  final SSLSocketFactory sslSocketFactory =  sslContext.getSocketFactory();
  return sslSocketFactory;
 } catch (KeyManagementException | NoSuchAlgorithmException e) {
 return null;
 }

我在另一个堆栈溢出帖子中找到了此代码,但由于声誉低于 50,无法发表评论。

4

0 回答 0