Question

我想在Android WebView中支持2way SSL：

@Override   public WebResourceResponse shouldInterceptRequest(WebView
    view, WebResourceRequest request) {

    HttpsURLConnection httpsConnection =
    (HttpsURLConnection)urlConnection;

    httpsConnection.setHostnameVerifier(new PortalHostnameVerifider());

    SSLSocketFactory sslSocketFactory = this.getSSLContext().getSocketFactory();
    httpsConnection.setSSLSocketFactory(sslSocketFactory);
    httpsConnection.setRequestMethod(request.getMethod());

    String contentType = urlConnection.getContentType();

    }

SocketFactory看起来像这样：

public SSLContext getSSLContext() {

        String kmfAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(kmfAlgorithm);
        kmf.init(this.trustStore, this.truststorePassword.toCharArray());

        String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
            tmf.init(this.trustStore);

        SSLContext sslContext = SSLContext.getInstance("TLS");      
        sslContext.init(null, tmf.getTrustManagers(), null);
}

TrustManager部分工作正常，但客户端证书部分无效。

我希望

onReceivedClientCertRequest(WebView view, ClientCertRequest request)

当服务器在SSLHandshake期间请求客户端证书但从未触发时，将调用

。我的理解（期望）是否正确？

sslContext.init(null, tmf.getTrustManagers(), null);

上面一行告诉SSLContect使用默认的KeyManager。这会对onReceivedClientCertRequest？

产生影响吗？

我需要动态处理clientcert请求，因此我无法提供初始化KeyManager的密钥库。

如何在WebView中使2waySSL正常工作？如何触发onReceivedClientCertRequest？

由于

Android WebView 2way SSL（自定义客户端证书处理）

0 个答案: