0
public static SSLContext getSSL() {
try {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
AssetManager assetManager = App.getAppContext()
.getAssets();
InputStream caInput = assetManager.open("cert.pem");
java.security.cert.X509Certificate ca = null;
try {
ca = (java.security.cert.X509Certificate) cf
.generateCertificate(caInput);
} catch (Exception er) {
} finally {
caInput.close();
}
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
keyStore.setCertificateEntry("ca",
ca);
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory
.getInstance(tmfAlgorithm);
tmf.init(keyStore);
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
return context;
} catch (Exception e1) {
return null;
}
}
所以我使用的功能,這是工作,當我調用下面的函數強制在Android應用程序更新證書。質子交換膜
((HttpsURLConnection) conn).setSSLSocketFactory(Common
.getSSL().getSocketFactory()
然而,當我的客戶告訴我的新問題arrised證書,並且我需要用新證書更新我的應用程序才能正常工作。我的問題是,對此有何正確方法?爲什麼我需要每次更新應用程序中的證書?我在asssets文件夾中。我應該每次從某處下載證書嗎?不更新應用程序的人將因爲舊證書而無法使用應用程序