i was using AsyncHttpClient
link for making http calls but now our server has migrated to HTTPS and I am getting exception javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
.
Has anyone tried making https call using this library ?
initialization of AsyncHttpClient :-
AsyncHttpClient client = new AsyncHttpClient();
PersistentCookieStore myCookieStore = new PersistentCookieStore(
getActivity());
// List<Cookie> cookies = myCookieStore.getCookies();
myCookieStore.clear();
// cookies = myCookieStore.getCookies();
client.setCookieStore(myCookieStore);
client.get(loginUrl, new JsonHttpResponseHandler() {
@Override
public void onStart() {
super.onStart();
progressBar.setVisibility(View.VISIBLE);
}
@Override
public void onFinish() {
super.onFinish();
progressBar.setVisibility(View.GONE);
}
@Override
public void onSuccess(int statusCode, JSONObject userInfo) {
super.onSuccess(statusCode, userInfo);
String errorMsg = null;
try {
errorMsg = userInfo.getString("error");
} catch (JSONException e) {
e.printStackTrace();
}
if (errorMsg != null) {
errorMsg = getActivity().getResources().getString(
R.string.loginFailure)
+ "\nError: " + errorMsg;
tvLoginFailure.setText(errorMsg);
tvLoginFailure.setVisibility(View.VISIBLE);
} else {
Subscriber.setEmail(email);
Subscriber.setPassword(password);
LoginUtility.saveUserInfo(getActivity(), userInfo);
if (Subscriber.getStatus().contentEquals("ACTIVE")) {
Intent intent;
if (MyApplication.ottMode) {
intent = new Intent(getActivity(),
OTTMainScreen.class);
} else {
intent = new Intent(getActivity(),
MainActivity.class);
intent.putExtra("SIGNEDIN", true);
}
if (MyApplication.ottMode) {
Utility.playSound(getActivity());
}
startActivity(intent);
getActivity().finish();
} else if (Subscriber.getStatus().contentEquals(
"SUSPENDED")) {
try {
String suspendedReason = userInfo
.getString("suspendreason");
if (suspendedReason != null
&& suspendedReason
.contentEquals("NO_SUBSCRIPTION")) {
new AlertDialog.Builder(getActivity())
.setIcon(
android.R.drawable.ic_dialog_alert)
.setTitle("Account Suspended")
.setMessage(
"Your account doesn't have any active subscription. You need to subscribe to a Package before you can proceed.")
.setPositiveButton(
"Subscribe",
new DialogInterface.OnClickListener() {
public void onClick(
DialogInterface dialog,
int which) {
recreatePackage();
}
})
.setNegativeButton("Cancel", null)
.show();
} else {
// TODO
}
} catch (JSONException e) {
e.printStackTrace();
}
} else if (Subscriber.getStatus().contentEquals("INIT")) {
// TODO
}
}
}
@Override
public void onFailure(int statusCode,
org.apache.http.Header[] headers, String responseBody,
Throwable e) {
super.onFailure(statusCode, headers, responseBody, e);
String msg = getActivity().getResources().getString(
R.string.loginFailure)
+ "\nError: " + responseBody;
tvLoginFailure.setText(msg);
tvLoginFailure.setVisibility(View.VISIBLE);
}
});
You need import the public server certificate into your default keystore, or if you are not interested in the authentication of your client you can initialize the AsyncHttpClient
with
AsyncHttpClient asycnHttpClient = new AsyncHttpClient(true, 80, 443);
but this trick is not secure because use a custom SSLSocketFactory implementation whos omit the SSL certificate validation, take a look at the AsyncHttpClient source code.
More information about SSLSocketFactory at https://developer.android.com/reference/org/apache/http/conn/ssl/SSLSocketFactory.html
you can also solve this problem, with adding this 1 line.
asyncHttpClient.setSSLSocketFactory(MySSLSocketFactory.getFixedSocketFactory());
I have a simple http client that calls https service:
import android.util.Log;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.HttpClient;
import org.apache.http.client.ResponseHandler;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.AbstractHttpClient;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.protocol.HTTP;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.util.List;
/**
*/
public class HttpSimpleClient {
private static final String TAG = HttpSimpleClient.class.getSimpleName();
private static HttpSimpleClient instance;
private HttpSimpleClient(){}
public static HttpSimpleClient instance(){
if (instance==null) {
instance = new HttpSimpleClient();
}
return instance;
}
public <T> T post(URL url,
List<NameValuePair> header,
List<NameValuePair> parameter,
ResponseHandler<T> responseHandler) throws IOException {
return post(url, header, parameter, responseHandler, null, null);
}
public <T> T post(URL url,
List<NameValuePair> header,
List<NameValuePair> parameter,
ResponseHandler<T> responseHandler,
AuthScope proxy,
UsernamePasswordCredentials proxyUser) throws IOException {
HttpClient httpClient = new DefaultHttpClient();
HttpPost request = new HttpPost(url.toString());
if (header!=null) {
for (NameValuePair head : header){
request.setHeader(head.getName(), head.getValue());
}
Log.d(TAG, "Aggiunti header: "+ header.size());
} else {
// Header di default
request.setHeader("Content-Type", "application/x-www-form-urlencoded");
request.setHeader("User-Agent", System.getProperty("http.agent"));
Log.d(TAG, "Aggiunti header di defautl");
}
if (parameter!=null) {
request.setEntity(new UrlEncodedFormEntity(parameter, HTTP.UTF_8));
Log.d(TAG, "Aggiunti parametri: "+ parameter.size());
}
if (proxy!=null) {
if (proxyUser!=null) {
((AbstractHttpClient) httpClient).getCredentialsProvider().setCredentials(proxy, proxyUser);
} else {
// TODO gestire proxy senza credenziali
((AbstractHttpClient) httpClient).getCredentialsProvider().setCredentials(proxy, null);
}
Log.d(TAG, "Impostato Proxy per la connessione");
}
return httpClient.execute(request, responseHandler);
}
public static String httpResponseToString(HttpResponse httpResponse, int bufferSize) throws IOException {
InputStream content = httpResponse.getEntity().getContent();
int numRead;
byte[] buffer = new byte[bufferSize];
ByteArrayOutputStream outString = new ByteArrayOutputStream();
try{
while ((numRead = content.read(buffer)) != -1) {
outString.write(buffer, 0, numRead);
}
} finally {
content.close();
}
return new String(outString.toByteArray());
}
}
And i use it in a AsyncTask:
response = HttpSimpleClient.instance().post(
getServiceURL(), // HTTPS url
mHeader, // List<NameValuePair>
mParameter, // List<NameValuePair>
getResponseHandler() // org.apache.http.client.ResponseHandler
);
Tested on Android api>=10
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With