在尝试禁用TLS 1.0时,有些KitKat设备需要访问我的API.我尝试覆盖默认的套接字工厂,但没有成功.我试过转换为okhttp.还是行不通.如何获得Android KitKat连接到我的API?
解决方法:
我在棒棒糖之前的设备上也遇到过同样的问题.当我使用Retrofit时,这是Okhttp的解决方案.
Tls12SocketFactory.java:
public class Tls12SocketFactory extends SSLSocketFactory { private static final String[] TLS_V12_ONLY = {"TLSv1.2"}; final SSLSocketFactory delegate; public Tls12SocketFactory(SSLSocketFactory base) { this.delegate = base; } @OverrIDe public String[] getDefaultCipherSuites() { return delegate.getDefaultCipherSuites(); } @OverrIDe public String[] getSupportedCipherSuites() { return delegate.getSupportedCipherSuites(); } @OverrIDe public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException { return patch(delegate.createSocket(s, host, port, autoClose)); } @OverrIDe public Socket createSocket(String host, int port) throws IOException, UnkNownHostException { return patch(delegate.createSocket(host, port)); } @OverrIDe public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnkNownHostException { return patch(delegate.createSocket(host, port, localHost, localPort)); } @OverrIDe public Socket createSocket(InetAddress host, int port) throws IOException { return patch(delegate.createSocket(host, port)); } @OverrIDe public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException { return patch(delegate.createSocket(address, port, localAddress, localPort)); } private Socket patch(Socket s) { if (s instanceof SSLSocket) { ((SSLSocket) s).setEnabledProtocols(TLS_V12_ONLY); } return s; }}OkhttpUtils.java:
public class OkhttpUtills { public static OkhttpClIEnt createhttpClIEnt() { httpLoggingInterceptor logging = new httpLoggingInterceptor(); logging.setLevel(httpLoggingInterceptor.Level.BODY); OkhttpClIEnt.Builder clIEnt = new OkhttpClIEnt.Builder() .followRedirects(true) .followSslRedirects(true) .addInterceptor(logging) .cache(null) .connectTimeout(15, TimeUnit.SECONDS) .writeTimeout(15, TimeUnit.SECONDS) .readTimeout(15, TimeUnit.SECONDS); return enableTls12OnPreLollipop(clIEnt).build(); } /** * Enables TLSv1.2 protocol (which is Disabled by default) * on pre-Lollipop devices, as well as on Lollipop, because some issues can take place on Samsung devices. * * @param clIEnt OKHtp clIEnt builder * @return */ private static OkhttpClIEnt.Builder enableTls12OnPreLollipop(OkhttpClIEnt.Builder clIEnt) { if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN && Build.VERSION.SDK_INT < Build.VERSION_CODES.LolliPOP_MR1) { try { SSLContext sc = SSLContext.getInstance("TLSv1.2"); sc.init(null, null, null); clIEnt.sslSocketFactory(new Tls12SocketFactory(sc.getSocketFactory())); Connectionspec cs = new Connectionspec.Builder(Connectionspec.MODERN_TLS) .tlsversions(Tlsversion.TLS_1_2) .build(); List<Connectionspec> specs = new ArrayList<>(); specs.add(cs); specs.add(Connectionspec.COMPATIBLE_TLS); specs.add(Connectionspec.CLEARTEXT); clIEnt.connectionspecs(specs); } catch (Exception exc) { Log.e("OkhttpTLSCompat", "Error while setting TLS 1.2", exc); } } return clIEnt; }}希望这可以对您有所帮助.
总结以上是内存溢出为你收集整理的Android 4.1至4.4 KitKat-为API启用TLS 1.2全部内容,希望文章能够帮你解决Android 4.1至4.4 KitKat-为API启用TLS 1.2所遇到的程序开发问题。
如果觉得内存溢出网站内容还不错,欢迎将内存溢出网站推荐给程序员好友。
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)