在TrustManager里面的checkServerTrusted方法里面设置chain[0].checkValidity();
private final TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
try {//设置弱校验
chain[0].checkValidity();
} catch (Exception e) {
throw new CertificateException("Certificate not valid or trusted.");
}
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
};
然后再HostnameVerifier方法里面根据自己的网络域名来判断
client = client.newBuilder().sslSocketFactory(sslSocketFactory).hostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
//设置弱校验
if (hostname.equals("设置你自己的域名")){
return true;
}else {
HostnameVerifier hv = HttpsURLConnection.getDefaultHostnameVerifier();
return hv.verify(hostname,session);
}
}
}).build();
本文介绍了如何在TrustManager的checkServerTrusted方法中使用chain[0].checkValidity()进行弱校验,并在HostnameVerifier中实现针对特定域名的信任。通过定制SSL连接,确保对特定网络环境的灵活控制。
403

被折叠的 条评论
为什么被折叠?



