Disable SSL certificate check in retrofit library
I am using retrofit in android to connect with server.
public class ApiClient {
public static final String BASE_URL = \"https://example.com/\";
priva
-
Adding code for doing same in Kotlin based on @Hitesh Sahu's answer :
fun getRetrofirApiService(currentBaseURL: String): YourAPIService{ val TIMEOUT = 2L val logging = HttpLoggingInterceptor() logging.setLevel(HttpLoggingInterceptor.Level.BODY) val retrofit = Retrofit.Builder() .baseUrl(currentBaseURL) .addCallAdapterFactory(RxJava2CallAdapterFactory.create()) .addConverterFactory(NullOnEmptyConverterFactory()) .addConverterFactory(GsonConverterFactory.create()) .client(createOkHttpClient()) .build() return retrofit.create(APIService::class.java) }Now create Http client for same as shown below :
private fun createOkHttpClient(): OkHttpClient { return try { val trustAllCerts: Array<TrustManager> = arrayOf(MyManager()) val sslContext = SSLContext.getInstance("SSL") sslContext.init(null, trustAllCerts, SecureRandom()) val logging = HttpLoggingInterceptor() logging.level = HttpLoggingInterceptor.Level.BODY OkHttpClient.Builder() .sslSocketFactory(sslContext.getSocketFactory()) .addInterceptor(logging) .hostnameVerifier { hostname: String?, session: SSLSession? -> true } .build() } catch (e: Exception) { throw RuntimeException(e) } }MyManager class is as shown below :
class MyManager : X509TrustManager { override fun checkServerTrusted( p0: Array<out java.security.cert.X509Certificate>?, p1: String? ) { //allow all } override fun checkClientTrusted( p0: Array<out java.security.cert.X509Certificate>?, p1: String? ) { //allow all } override fun getAcceptedIssuers(): Array<java.security.cert.X509Certificate> { return arrayOf() } }Imports for same are as shown below :
import okhttp3.MediaType import okhttp3.OkHttpClient import okhttp3.RequestBody import okhttp3.logging.HttpLoggingInterceptor import retrofit2.Retrofit import retrofit2.adapter.rxjava2.Result import retrofit2.adapter.rxjava2.RxJava2CallAdapterFactory import retrofit2.converter.gson.GsonConverterFactory import java.security.SecureRandom import java.util.concurrent.TimeUnit import javax.net.ssl.SSLContext import javax.net.ssl.SSLSession import javax.net.ssl.TrustManager import javax.net.ssl.X509TrustManager讨论(0) -
Use this class to get unsafe Retrofit instance. I have included imports to avoid confusion.
import java.security.cert.CertificateException; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSession; import javax.net.ssl.SSLSocketFactory; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import okhttp3.OkHttpClient; import retrofit2.Retrofit; import retrofit2.converter.gson.GsonConverterFactory; import view.utils.AppConstants; /** * Created by Hitesh.Sahu on 11/23/2016. */ public class NetworkHandler { public static Retrofit getRetrofit() { return new Retrofit.Builder() .baseUrl(AppConstants.BASE_URL) .addConverterFactory(GsonConverterFactory.create()) .client(getUnsafeOkHttpClient()) .build(); } private static OkHttpClient getUnsafeOkHttpClient() { try { // Create a trust manager that does not validate certificate chains final TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { @Override public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException { } @Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { return new java.security.cert.X509Certificate[]{}; } } }; // Install the all-trusting trust manager final SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(null, trustAllCerts, new java.security.SecureRandom()); // Create an ssl socket factory with our all-trusting manager final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory(); OkHttpClient.Builder builder = new OkHttpClient.Builder(); builder.sslSocketFactory(sslSocketFactory); builder.hostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; } }); OkHttpClient okHttpClient = builder.build(); return okHttpClient; } catch (Exception e) { throw new RuntimeException(e); } } }And then simply use retrofit without ssl check like this
private void postFeedbackOnServer() { MyApiEndpointInterface apiService = NetworkHandler.getRetrofit().create(MyApiEndpointInterface.class); Call<ResponseBE> call = apiService.submitFeedbackToServer(requestObject); Log.e(TAG , "Request is" + new Gson().toJson(requestObject).toString() ); call.enqueue(new Callback<ResponseBE>() { @Override public void onResponse(Call<ResponseBE> call, Response<ResponseBE> response) { int statusCode = response.code(); if (statusCode == HttpURLConnection.HTTP_OK) { ...... } else { Toast.makeText(FeedbackActivity.this, "Failed to submit Data" + statusCode, Toast.LENGTH_SHORT).show(); } } @Override public void onFailure(Call<ResponseBE> call, Throwable t) { // Log error here since request failed Toast.makeText(FeedbackActivity.this, "Failure" + t.getLocalizedMessage(), Toast.LENGTH_SHORT).show(); } }); }讨论(0)
加载中...
- 热议问题