解决javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.的问题,出现这个问题的原因是:服务器不信任我们自己创建的证书,所以在代码中必须要忽略证书信任问题。
解决代码如下:
package net.joydao.startools.ssl; import android.util.Log; import java.security.cert.X509Certificate; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSession; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; public class SSLAgent { private final static String TAG = "SSLAgent"; private final static boolean DEBUG = true; private static SSLAgent mSSLAgent; public static SSLAgent getInstance(){ if(mSSLAgent == null){ mSSLAgent = new SSLAgent(); } return mSSLAgent; } /** * 信任所有的https证书 * */ public void trustAllHttpsCertificates() { try{ TrustManager[] trustAllCerts = new TrustManager[1]; TrustManager tm = new MyTrustManager(); trustAllCerts[0] = tm; SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, null); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); HttpsURLConnection.setDefaultHostnameVerifier(mHostnameVerifier); }catch (Exception e){ e.printStackTrace(); } } private HostnameVerifier mHostnameVerifier = new HostnameVerifier() { public boolean verify(String hostname, SSLSession session) { log("hostname:" + hostname); return true; } }; private static class MyTrustManager implements TrustManager, X509TrustManager { public X509Certificate[] getAcceptedIssuers() { return null; } public boolean isServerTrusted(X509Certificate[] certs) { return true; } public boolean isClientTrusted(X509Certificate[] certs) { return true; } public void checkServerTrusted(X509Certificate[] certs, String authType) { return; } public void checkClientTrusted(X509Certificate[] certs, String authType) { return; } } private void log(String msg){ if(DEBUG){ Log.i(TAG, msg); } } }
在调用获取url内容之前调用:
SSLAgent.getInstance().trustAllHttpsCertificates();