Created
September 6, 2017 08:51
-
-
Save muhammad-naderi/1360f85b6071c8eb0c68aa58595ad0d5 to your computer and use it in GitHub Desktop.
this gist is gathered from here or there in the internet, and I made a few adjustment to support all of Ion getInstance/getDefault models.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public void setSelfSignedSSL(Context mContext, @Nullable String instanceName){ | |
| try { | |
| CertificateFactory cf = CertificateFactory.getInstance("X.509"); | |
| // cert file stored in \app\src\main\res\raw | |
| InputStream caInput = new BufferedInputStream(mContext.getAssets().open("certificate.cer")); | |
| Certificate ca = cf.generateCertificate(caInput); | |
| caInput.close(); | |
| KeyStore keyStore = KeyStore.getInstance("BKS"); | |
| keyStore.load(null, null); | |
| keyStore.setCertificateEntry("ca", ca); | |
| String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm(); | |
| TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm); | |
| tmf.init(keyStore); | |
| TrustManager[] wrappedTrustManagers = getWrappedTrustManagers(tmf.getTrustManagers()); | |
| SSLContext sslContext = SSLContext.getInstance("TLS"); | |
| sslContext.init(null, wrappedTrustManagers, null); | |
| AsyncSSLSocketMiddleware sslMiddleWare; | |
| if(TextUtils.isEmpty(instanceName)){ | |
| sslMiddleWare = Ion.getDefault(mContext).getHttpClient().getSSLSocketMiddleware(); | |
| }else { | |
| sslMiddleWare = Ion | |
| .getInstance(mContext, instanceName) | |
| .getHttpClient().getSSLSocketMiddleware(); | |
| } | |
| sslMiddleWare.setTrustManagers(wrappedTrustManagers); | |
| sslMiddleWare.setHostnameVerifier(getHostnameVerifier()); | |
| sslMiddleWare.setSSLContext(sslContext); | |
| }catch (Exception e){ | |
| e.printStackTrace(); | |
| } | |
| } | |
| private HostnameVerifier getHostnameVerifier() { | |
| return new HostnameVerifier() { | |
| @Override | |
| public boolean verify(String hostname, SSLSession session) { | |
| return true; | |
| // or the following: | |
| // HostnameVerifier hv = HttpsURLConnection.getDefaultHostnameVerifier(); | |
| // return hv.verify("www.yourserver.com", session); | |
| } | |
| }; | |
| } | |
| private TrustManager[] getWrappedTrustManagers(TrustManager[] trustManagers) { | |
| final X509TrustManager originalTrustManager = (X509TrustManager) trustManagers[0]; | |
| return new TrustManager[]{ | |
| new X509TrustManager() { | |
| public X509Certificate[] getAcceptedIssuers() { | |
| return originalTrustManager.getAcceptedIssuers(); | |
| } | |
| public void checkClientTrusted(X509Certificate[] certs, String authType) { | |
| try { | |
| if (certs != null && certs.length > 0){ | |
| certs[0].checkValidity(); | |
| } else { | |
| originalTrustManager.checkClientTrusted(certs, authType); | |
| } | |
| } catch (CertificateException e) { | |
| Log.w("checkClientTrusted", e.toString()); | |
| } | |
| } | |
| public void checkServerTrusted(X509Certificate[] certs, String authType) { | |
| try { | |
| if (certs != null && certs.length > 0){ | |
| certs[0].checkValidity(); | |
| } else { | |
| originalTrustManager.checkServerTrusted(certs, authType); | |
| } | |
| } catch (CertificateException e) { | |
| Log.w("checkServerTrusted", e.toString()); | |
| } | |
| } | |
| } | |
| }; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment