Android ignore self signed certificate

2020-06-07 02:33发布

My Android App is connecting to https self-signed server & it is working fine with using client certificates (.cer file).

Can Android App be connected to https self-signed server WITHOUT using client Certificates. --> If answers is YES then which library can be used for that. I know this would not be best method to achieve as it is https server, but this is what i need.

标签： android ssl ssl-certificate self-signed

1条回答

我只想做你的唯一

2楼-- · 2020-06-07 03:31

You can use Volley Android library for that.

You will need to add the below code on the onCreate() of your application class. By overwriting the X509Certificate basically you will accept all certificates.

try {
        TrustManager[] victimizedManager = new TrustManager[]{

                new X509TrustManager() {

                    public X509Certificate[] getAcceptedIssuers() {

                        X509Certificate[] myTrustedAnchors = new X509Certificate[0];

                        return myTrustedAnchors;
                    }

                    @Override
                    public void checkClientTrusted(X509Certificate[] certs, String authType) {
                    }

                    @Override
                    public void checkServerTrusted(X509Certificate[] certs, String authType) {
                    }
                }
        };

        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, victimizedManager, new SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
            @Override
            public boolean verify(String s, SSLSession sslSession) {
                return true;
            }
        });
    } catch (Exception e) {
        e.printStackTrace();
    }

0人赞添加讨论(0) 举报

Android ignore self signed certificate

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间