stream请求https证书问题

Mikey_Huang
  • 48

stream请求https接口的时候提示:此服务器的证书无效。您可能正在连接到一个伪装成“*”的服务器,这会威胁到您的极米信息的安全。(-1202)

weex能不能添加证书啊?

回复
阅读 5.5k
1 个回答

经过尝试,官方还不支持加证书。于是我尝试扩展,

在android上
扩展一个Adapter,继承DefaultWXHttpAdapter

public class BingoWXHttpAdapter extends DefaultWXHttpAdapter {

    @Override
    protected HttpURLConnection createConnection(URL url) throws IOException {
        HttpURLConnection conn = null;
        if (url.getProtocol().toLowerCase().equals("https")) {
            trustAllHosts();
            HttpsURLConnection httpsCon = (HttpsURLConnection) url.openConnection();
            httpsCon.setHostnameVerifier(DO_NOT_VERIFY);
            conn = httpsCon;
        } else {
            conn = (HttpURLConnection) url.openConnection();
        }
        return conn;
    }

    //host不验证
    private HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {
        public boolean verify(String hostname, SSLSession session) {
            return true;
        }
    };

    //信任所有证书
    private static void trustAllHosts() {
        final String TAG = "trustAllHosts";
        TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                return new java.security.cert.X509Certificate[]{};
            }

            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                Log.i(TAG, "checkClientTrusted");
            }

            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                Log.i(TAG, "checkServerTrusted");
            }
        }};

        try {
            SSLContext sc = SSLContext.getInstance("TLS");
            sc.init(null, trustAllCerts, new java.security.SecureRandom());
            HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

}

之后在初始化Engine的时候注册它:

setHttpAdapter(new BingoWXHttpAdapter())

在iOS上
继承WXResourceRequestHandlerDefaultImpl实现didReceiveChallenge,具体代码如下:

#import <Foundation/Foundation.h>
#import "WXResourceRequestHandlerDefaultImpl.h"
#import "WXResourceRequestHandler.h"

@interface BingoWXNetworkImpl : WXResourceRequestHandlerDefaultImpl <WXResourceRequestHandler,NSURLSessionDataDelegate>

@end
#import "BingoWXNetworkImpl.h"

@implementation BingoWXNetworkImpl

- (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge
 completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential * __nullable credential))completionHandler {
    
    //    NSURLSessionAuthChallengeUseCredential = 0, 使用(信任)证书
    //    NSURLSessionAuthChallengePerformDefaultHandling = 1, 默认,忽略
    //    NSURLSessionAuthChallengeCancelAuthenticationChallenge = 2,   取消
    //    NSURLSessionAuthChallengeRejectProtectionSpace = 3,      这次取消,下载次还来问
    
    NSLog(@"%@>>>>>>>>>>>>>>>>>>>>>>>>",challenge.protectionSpace);
    // 如果是请求证书信任,我们再来处理,其他的不需要处理
    if (challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust) {
        NSURLCredential *cre = [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust];
        // 调用block
        completionHandler(NSURLSessionAuthChallengeUseCredential,cre);
    }
}
@end
撰写回答
你尚未登录,登录后可以
  • 和开发者交流问题的细节
  • 关注并接收问题和回答的更新提醒
  • 参与内容的编辑和改进,让解决方法与时俱进
宣传栏