我在我的Android应用中使用SSL Certificate Pining,现在当我续订SSL证书时,我认为我在Android应用中只需要Certificate Pining而不是Public Key Pining我需要更改我的Android项目中的证书,然后再次在Play商店更新我的应用程序,但事情是我的应用程序工作完全正常,无需在我的Android项目中更新证书文件。
任何人都可以告诉我这是正常行为吗?
代码
public Certificate findCertificate() throws CertificateException {
CertificateFactory instance = CertificateFactory.getInstance("X.509");
InputStream resourceAsStream = getResources().openRawResource(R.folder.certificate_name);
InputStream bufferedInputStream = new BufferedInputStream(resourceAsStream);
try {
Certificate generateCertificate = instance.generateCertificate(bufferedInputStream);
try {
resourceAsStream.close();
} catch (IOException e) {
}
return generateCertificate;
} finally {
try {
bufferedInputStream.close();
} catch (IOException e2) {
}
try {
resourceAsStream.close();
} catch (IOException e3) {
}
}
}
public SSLContext findSSLConfiguration(Context context) throws CertificateException, IOException,
KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
CertificateFactory cf = null;
cf = CertificateFactory.getInstance("X.509");
Certificate ca = findCertificate();
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
keyStore.setCertificateEntry("ca", ca);
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, tmf.getTrustManagers(), null);
return sslContext;
}
public void server_call() throws CertificateException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException, IOException {
OkHttpClient okHttp = new OkHttpClient.Builder()
.sslSocketFactory(findSSLConfiguration(getBaseContext()).getSocketFactory())
.build();
}