我找到了这个解决方案,效果很好!
X509TrustManager:
public class EasyX509TrustManager implements X509TrustManager {private X509TrustManager standardTrustManager = null;public EasyX509TrustManager(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException { super(); TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); factory.init(keystore); TrustManager[] trustmanagers = factory.getTrustManagers(); if (trustmanagers.length == 0) { throw new NoSuchAlgorithmException("no trust manager found"); } this.standardTrustManager = (X509TrustManager) trustmanagers[0];}public void checkClientTrusted(X509Certificate[] certificates, String authType) throws CertificateException { standardTrustManager.checkClientTrusted(certificates, authType);}public void checkServerTrusted(X509Certificate[] certificates, String authType) throws CertificateException { if ((certificates != null) && (certificates.length == 1)) { certificates[0].checkValidity(); } else { standardTrustManager.checkServerTrusted(certificates, authType); }}public X509Certificate[] getAcceptedIssuers() { return this.standardTrustManager.getAcceptedIssuers();}}SSLSocketFactory:
public class EasySSLSocketFactory implements LayeredSocketFactory {private SSLContext sslcontext = null;private static SSLContext createEasySSLContext() throws IOException { try { SSLContext context = SSLContext.getInstance("TLS"); context.init(null, new TrustManager[]{new EasyX509TrustManager( null)}, null); return context; } catch (Exception e) { throw new IOException(e.getMessage()); }}private SSLContext getSSLContext() throws IOException { if (this.sslcontext == null) { this.sslcontext = createEasySSLContext(); } return this.sslcontext;}public Socket connectSocket(Socket sock, String host, int port, InetAddress localAddress, int localPort, HttpParams params) throws IOException, UnknownHostException, ConnectTimeoutException { int connTimeout = HttpConnectionParams.getConnectionTimeout(params); int soTimeout = HttpConnectionParams.getSoTimeout(params); InetSocketAddress remoteAddress = new InetSocketAddress(host, port); SSLSocket sslsock = (SSLSocket) ((sock != null) ? sock : createSocket()); if ((localAddress != null) || (localPort > 0)) { // we need to bind explicitly if (localPort < 0) { localPort = 0; // indicates "any" } InetSocketAddress isa = new InetSocketAddress(localAddress, localPort); sslsock.bind(isa); } sslsock.connect(remoteAddress, connTimeout); sslsock.setSoTimeout(soTimeout); return sslsock;}public Socket createSocket() throws IOException { return getSSLContext().getSocketFactory().createSocket();}public boolean isSecure(Socket socket) throws IllegalArgumentException { return true;}public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException { return getSSLContext().getSocketFactory().createSocket(socket, host, port, autoClose);}// -------------------------------------------------------------------// javadoc in org.apache.http.conn.scheme.SocketFactory says :// Both Object.equals() and Object.hashCode() must be overridden// for the correct operation of some connection managers// -------------------------------------------------------------------public boolean equals(Object obj) { return ((obj != null) && obj.getClass().equals( EasySSLSocketFactory.class));}public int hashCode() { return EasySSLSocketFactory.class.hashCode();}}然后:
SchemeRegistry schReg = new SchemeRegistry(); schReg.register(new Scheme("http", PlainSocketFactory .getSocketFactory(), 80)); schReg.register(new Scheme("https", new EasySSLSocketFactory(), 443));
