文档

Android 5.X 手机证书过期的问题

更新时间:

故障描述

在客户端出现如下日志。

com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException:  
Could not validate certificate: Certificate expired at Sat No 
v 06 20:00:00 GMT+08:00 2021 (compared to Wed Jan 12 10:12:30 GMT+08:00 2022)\"",

问题原因

此故障为 Android 5.x 手机系统问题,解决办法是信任所有证书。

解决方法

在客户端设置 TinyAppRequestPluginProvider

// H5Utils.setProvider(TinyAppRequestPluginProvider.class.getName() ,
new TinyAppRequestPluginProviderImp() );

public class TinyAppRequestPluginProviderImpl implements TinyAppRequestPluginProvider {
    private static final String TAG = "TinyAppRequestPluginProviderImpl";
    SSLSocketFactoryImp sf;

    public void onAndroidHttpClientCreate(AndroidHttpClient androidHttpClient) {
        setCA(androidHttpClient);
    }

    private void setCA(AndroidHttpClient client) {

        //5.x以下手机信任证书设置
        if (Build.VERSION.SDK_INT < 23) {
            KeyStore trustStore;
            try {
                trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
                trustStore.load(null ,null);

                //创建SSLSocketFactory,创建相关的Socket
                sf = new SSLSocketFactoryImp(trustStore);
                sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
                client.getConnectionManager().getSchemeRegistry()
                        .register(new Scheme("https" ,sf ,443));
            }catch (Exception e){

            }

        }
    }
}


/*基线版本21--*/
public class SSLSocketFactoryImp extends SSLSocketFactory {
    final SSLContext sslContext = SSLContext.getInstance("TLS");
    public SSLSocketFactoryImp(KeyStore truststore)
            throws NoSuchAlgorithmException, KeyManagementException,
            KeyStoreException, UnrecoverableKeyException {
        super(truststore);
        TrustManager tm = new X509TrustManager() {
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                return null;
            }
            @Override
            public void checkClientTrusted(
                    java.security.cert.X509Certificate[] chain,
                    String authType)
                    throws java.security.cert.CertificateException {
            }
            @Override
            public void checkServerTrusted(
                    java.security.cert.X509Certificate[] chain,
                    String authType)
                    throws java.security.cert.CertificateException {
            }
        };
        sslContext.init(null, new TrustManager[] { tm }, null);
    }
    @Override
    public Socket createSocket(Socket socket, String host, int port,
                               boolean autoClose) throws IOException, UnknownHostException {
        return sslContext.getSocketFactory().createSocket(socket, host,
                port, autoClose);
    }
    @Override
    public Socket createSocket() throws IOException {
        return sslContext.getSocketFactory().createSocket();
    }
}

  • 本页导读 (0)
文档反馈