Menu
I use two approaches to try to consumes HTTPS URL:
The old deprecated and return response with the right values.
Here is the code it didn't need ignore ssl certificate it ignore it by itself or may use other technique:
public String newApiPost(String url,String p1,String p2,String p3){
HttpClient httpClient = new DefaultHttpClient();
// replace with your url
HttpPost httpPost = new HttpPost(url);
//Post Data
List<NameValuePair> nameValuePair = new ArrayList<NameValuePair>
();
nameValuePair.add(new BasicNameValuePair("cliend_id",p1));
nameValuePair.add(new BasicNameValuePair("client_secret", p2));
nameValuePair.add(new BasicNameValuePair("key",p3));
//Encoding POST data
try {
httpPost.setEntity(new UrlEncodedFormEntity(nameValuePair));
} catch (UnsupportedEncodingException e) {
// log exception
e.printStackTrace();
}
//making POST request.
try {
HttpResponse response = httpClient.execute(httpPost);
HttpEntity httpEntity = response.getEntity();
String result = EntityUtils.toString(httpEntity,
HTTP.UTF_8);
Log.d("response", result);
// write response to log
Log.d("zzuu", result.toString());
} catch (ClientProtocolException e) {
// Log exception
e.printStackTrace();
} catch (IOException e) {
// Log exception
e.printStackTrace();
Log.d("dddfg", e.toString());
}catch (Exception e){
Log.d("dddfg", e.toString());
}
return "";
}
Then I used un-deprecated method HttpsUrlConnections which need ignore ssl certificate I use many way but didn't work:
public void sendNew (String urls,String paramValue1,String
paramValue2,String paramValue3){
URL url = null;
BufferedReader reader = null;
StringBuilder stringBuilder;
String data="";
try {
url = new URL(urls);
HttpsURLConnection conn = (HttpsURLConnection)
url.openConnection();
conn.setReadTimeout(10000);
conn.setConnectTimeout(15000);
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type", "application/x-www-form-
urlencoded");
conn.setRequestProperty("charset", "utf-8");
conn.setDoInput(true);
conn.setDoOutput(true);
Uri.Builder builder = new Uri.Builder()
.appendQueryParameter("cliend_id", paramValue1)
.appendQueryParameter("client_secret", paramValue2)
.appendQueryParameter("apikey", paramValue3);
String query = builder.build().getEncodedQuery();
OutputStream os = conn.getOutputStream();
BufferedWriter writer = new BufferedWriter(
new OutputStreamWriter(os, "UTF-8"));
writer.write(query);
writer.flush();
writer.close();
os.close();
conn.connect();
reader = new BufferedReader(new
InputStreamReader(conn.getErrorStream()));
stringBuilder = new StringBuilder();
String line = null;
while ((line = reader.readLine()) != null)
{
stringBuilder.append(line + "\n");
}
data= stringBuilder.toString();
Log.d("zzuu", data);
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (ProtocolException e) {
e.printStackTrace();
Log.d("dddfg", e.toString());
} catch (IOException e) {
e.printStackTrace();
Log.d("dddfg", e.toString());
}catch (Exception e){
Log.d("dddfg", e.toString());
}
}
It responds with this error:
10-12 17:06:06.135 16052-16075/ W/System.err﹕ java.io.IOException: Hostname 'xxxxxxxx' was not verified
10-12 17:06:06.139 16052-16075/ W/System.err﹕ at libcore.net.http.HttpConnection.verifySecureSocketHostname(HttpConnection.java:223)
10-12 17:06:06.139 16052-16075/ W/System.err﹕ at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:446)
10-12 17:06:06.139 16052-16075/ W/System.err﹕ at libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:290)
10-12 17:06:06.170 16052-16075/ W/System.err﹕ at libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:240)
10-12 17:06:06.171 16052-16075/ W/System.err﹕ at libcore.net.http.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:292)
10-12 17:06:06.175 16052-16075/ W/System.err﹕ at libcore.net.http.HttpURLConnectionImpl.getInputStream(HttpURLConnectionImpl.java:185)
10-12 17:06:06.175 16052-16075/ W/System.err﹕ at libcore.net.http.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:271)
10-12 17:06:06.176 16052-16075/ W/System.err﹕ at ubicall.sand.ubicall.helper.JSONParser.method(JSONParser.java:422)
10-12 17:06:06.177 16052-16075/ W/System.err﹕ at ubicall.sand.ubicall.activity.SplashActivity$Access.doInBackground(SplashActivity.java:111)
10-12 17:06:06.177 16052-16075/ W/System.err﹕ at ubicall.sand.ubicall.activity.SplashActivity$Access.doInBackground(SplashActivity.java:106)
10-12 17:06:06.177 16052-16075/ W/System.err﹕ at android.os.AsyncTask$2.call(AsyncTask.java:287)
I didn't understand when problem exactly it work good in restclient and postman the data send in body of url using post method then I discover that I need ignore ssl certificate when using HttpsURLConnection but I try many way to ignore but didn't work
I use
private void trustEveryone() {
try {
HttpsURLConnection.setDefaultHostnameVerifier(new
HostnameVerifier(){
public boolean verify(String hostname, SSLSession session)
{
return true;
}});
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, new X509TrustManager[]{new
X509TrustManager(){
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws
CertificateException {}
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws
CertificateException {}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}}}, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(
context.getSocketFactory());
} catch (Exception e) { // should never happen
e.printStackTrace();
}
}
906
You need to pass the -k or --insecure option to the curl command. This option explicitly allows curl to perform “insecure” SSL connections and transfers. All SSL connections are attempted to be made secure by using the CA certificate bundle installed by default.
From your logcat information, I think you should read the following links:
HostnameVerifier
It is to be used during a handshake if the URL's hostname does not match the peer's identification hostname.
Common Problems with Hostname Verification
One reason this can happen is due to a server configuration error. The server is configured with a certificate that does not have a subject or subject alternative name fields that match the server you are trying to reach...
Then, you can refer to my answer to the following question:
OkHttp trusting certificate
EDIT: Relating to your idea 'ignore ssl', you can try the following (however, it's said that this is not recommended):
public class HttpsTrustManager implements X509TrustManager {
private static TrustManager[] trustManagers;
private static final X509Certificate[] _AcceptedIssuers = new X509Certificate[]{};
@Override
public void checkClientTrusted(
X509Certificate[] x509Certificates, String s)
throws java.security.cert.CertificateException {
}
@Override
public void checkServerTrusted(
X509Certificate[] x509Certificates, String s)
throws java.security.cert.CertificateException {
}
public boolean isClientTrusted(X509Certificate[] chain) {
return true;
}
public boolean isServerTrusted(X509Certificate[] chain) {
return true;
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return _AcceptedIssuers;
}
public static void allowAllSSL() {
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
SSLContext context = null;
if (trustManagers == null) {
trustManagers = new TrustManager[]{new HttpsTrustManager()};
}
try {
context = SSLContext.getInstance("TLS");
context.init(null, trustManagers, new SecureRandom());
} catch (NoSuchAlgorithmException | KeyManagementException e) {
e.printStackTrace();
}
HttpsURLConnection.setDefaultSSLSocketFactory(context != null ? context.getSocketFactory() : null);
}
}
Then, in your activity, call HttpsTrustManager.allowAllSSL();
139
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
