嗨,我遇到一种情况,想在SSL
应用上删除pinning
Android
。
这是我拥有的执行SSL pinning
的代码。
private AsyncHttpClient m_asyncHttpClient;
m_asyncHttpClient.setSSLSocketFactory(getSSLSocketFactory());
private static SSLSocketFactory getSSLSocketFactory(){
try {
// Get an instance of the Bouncy Castle KeyStore format
KeyStore trusted = KeyStore.getInstance("BKS");
// Get the raw resource, which contains the pinnedcert with
// your trusted certificates (root and any intermediate certs)
InputStream in = DPApp.getInstance().getResources().openRawResource(R.raw.XXXXX);
try {
// Initialize the pinnedcert with the provided trusted certificates
// Also provide the password of the pinnedcert
trusted.load(in, "XXX".toCharArray());
trusted.size();
} finally {
in.close();
}
// Pass the pinnedcert to the SSLSocketFactory. The factory is responsible
// for the verification of the server certificate.
SSLSocketFactory sf = new SSLSocketFactory(trusted);
// Hostname verification from certificate
// http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506
sf.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);
return sf;
} catch (Exception e) {
throw new AssertionError(e);
}
}
我试图注释setSSLSocketFactory行,但这给了我一个错误
java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
我知道服务器certificate
已过期,但现在我只想从应用程序中删除SSL
固定。
请从Android
代码中找到有关最佳方法的任何建议。