我是在Mac(JDK 1.6) 环境下生成的,Windows 也应该通用;
首先要从CA那里申请来签名的证书,我的是crt格式的;
然后使用如下命令,对应的BcProvider 是 bcprov-ext-jdk15on-146.jar ,放在 JDK 的lib 里面,其他版本貌似不可以.
keytool -import -alias 别名 -file 证书文件.crt -keystore 新建的BKS.keystore -storepass 密码 -storetype BKS -providername "BC"
真样就会在我的当前命令行目录生成一个keystore文件,密码是命令中指定的.
然后这个keystore 就可以放入Android 项目的res/raw 目录下了.
使用代码:
public class HTTPS {
public static DefaultHttpClient httpclient;
static HttpClient hc;
static boolean isInit = false;
//初始化
public synchronized static void initKey(Context ctx) {
hc = new DefaultHttpClient();
KeyStore trustStore;
try {
trustStore = KeyStore.getInstance("BKS");
trustStore.load(ctx.getResources().openRawResource(R.raw.anyKeystore), "password".toCharArray());
SSLSocketFactory socketFactory = new SSLSocketFactory(trustStore);
//不进行域名验证
socketFactory.setHostnameVerifier(new X509HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
@Override
public void verify(String arg0, SSLSocket arg1)
throws IOException {
}
@Override
public void verify(String arg0, X509Certificate arg1)
throws SSLException {
}
@Override
public void verify(String arg0, String[] arg1, String[] arg2)
throws SSLException {
}
});
Scheme sch = new Scheme("https", socketFactory, 8443);
hc.getConnectionManager().getSchemeRegistry().register(sch);
} catch (Exception e) {
e.printStackTrace();
}
}
public static String getData(String url) {
HttpUriRequest hr = new HttpGet(url);
HttpParams httpparams = new BasicHttpParams();
HttpConnectionParams.setConnectionTimeout(httpparams, Utils.timeOut);
HttpConnectionParams.setSoTimeout(httpparams, 15000);
hr.setParams(httpparams);
HttpResponse hres = null;
StringBuffer sb = null;
try {
hres = hc.execute(hr);
HttpEntity he = hres.getEntity();
InputStream is = he.getContent();
sb = new StringBuffer();
byte[] bytes = new byte[1024];
for (int len = 0; (len = is.read(bytes)) != -1;) {
sb.append(new String(bytes, 0, len, "utf-8"));
}
} catch (Exception e) {
e.printStackTrace();
return null;
}
System.out.println(sb.toString());
return sb.toString();
}
public static String getData(String url,Context ctx) {
if(!isInit){
initKey(ctx);
}
HttpUriRequest hr = new HttpGet(url);
HttpResponse hres = null;
StringBuffer sb = null;
try {
hres = hc.execute(hr);
HttpEntity he = hres.getEntity();
InputStream is = he.getContent();
sb = new StringBuffer();
byte[] bytes = new byte[1024];
for (int len = 0; (len = is.read(bytes)) != -1;) {
sb.append(new String(bytes, 0, len, "utf-8"));
}
} catch (Exception e) {
e.printStackTrace();
return null;
}
return sb.toString();
}
}
在应用启动的时候init 一下就行了,以后直接使用HTTPS.getData(); 获取数据