我需要为Webview执行公钥/证书固定。我看到API21中引入了api 根据Android文档, http://developer.android.com/reference/android/webkit/WebViewClient.html#onReceivedClientCertRequest(android.webkit.WebView,android.webkit.ClientCertRequest)
在api 21中添加了 onReceivedClientCertRequest()
,但是当我加载任何url时,我没有得到回调。谁能请帮忙????
@Override
public void onReceivedClientCertRequest(WebView view, final ClientCertRequest request) {
Log.e("ClientCertRequest", "===> certificate required!");
KeyChain.choosePrivateKeyAlias(WebViewActivity.this, new KeyChainAliasCallback(){
@TargetApi(Build.VERSION_CODES.LOLLIPOP)
@Override
public void alias(String alias) {
Log.e(getClass().getSimpleName(), "===>Key alias is: " + alias);
try {
PrivateKey changPrivateKey = KeyChain.getPrivateKey(WebViewActivity.this, alias);
X509Certificate[] certificates = KeyChain.getCertificateChain(WebViewActivity.this, alias);
Log.v(getClass().getSimpleName(), "===>Getting Private Key Success!" );
request.proceed(changPrivateKey, certificates);
} catch (KeyChainException e) {
Log.e(getClass().getSimpleName(), Util.printException(e));
} catch (InterruptedException e) {
Log.e(getClass().getSimpleName(), Util.printException(e));
}
}
},new String[]{"RSA"}, null, null, -1, null);
super.onReceivedClientCertRequest(view,request);
}
答案 0 :(得分:2)
在Android中,客户端证书身份验证可能会以多种方式失败:
WebViewClient.onPageStarted()
handler.proceed()
WebViewClient.onReceivedSslError(view, handler, error)
来解决此问题
SSLVerifyClient require
以及所需参数SSLVerifyDepth
和SSLCACertificateFile
之类的内容