我正在尝试将OkHttp与Volley一起使用。我试图使用OkHttpClient.sslSocketFactory(SSLSocketFactory sslSocketFactory)方法来覆盖TLS版本,但似乎已弃用。我使用了替代的sslsocketfactory方法(下面的方法),但是它对我不起作用。
OkHttpClient.sslSocketFactory( SSLSocketFactory sslSocketFactory,X509TrustManager trustManager) 我将TLS版本更改为1.2,并为trustManager使用了系统默认的trustManager。但是在api调用期间发送的TLS版本是设备版本,而不是我覆盖的版本。
我的sslSocketFactory方法:
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, **null**, null);
sslSocketFactory = context.getSocketFactory();
Also TLS version I enabled.
((SSLSocket)socket).setEnabledProtocols(new String[] {"TLSv1.2"});
我的trustManager方法:
public static X509TrustManager getSystemDefaultTrustManager()
{
try
{
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init((KeyStore) null);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
throw new IllegalStateException("Unexpected default trust managers:"
+ Arrays.toString(trustManagers));
}
return (X509TrustManager) trustManagers[0];
catch (GeneralSecurityException e)
{
throw new AssertionError(); // The system has no TLS. Just give up.
}
}
我还使用了上面的trustmanager在sslSocketFactory中进行设置,但是似乎没有任何作用。
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, **getSystemDefaultTrustManager()**, null);
sslSocketFactory = context.getSocketFactory();