我有一些麻烦与Android上我试图访问自签名证书的详细信息，使用HttpClient的SSL我希望我的应用程序，以信任所有证书（我将使用SSL仅用于数据加密）。首先，我尝试使用本指南 http://hc.apache.org/httpclient-3 .X / sslguide.html 在桌面上工作正常，但在Android上我仍然有javax.net.ssl​​.SSLException：不受信任的服务器证书。搜索在谷歌之后，我发现了一些其他的例子如何启用SSL。

I have some troubles with ssl using httpclient on android i am trying to access self signed certificate in details i want my app to trust all certificates ( i will use ssl only for data encryption). First i tried using this guide http://hc.apache.org/httpclient-3.x/sslguide.html on Desktop is working fine but on android i still got javax.net.ssl.SSLException: Not trusted server certificate. After searching in google i found some other examples how to enable ssl.

的http://groups.google.com/group/android-developers/browse_thread/thread/62d856cdcfa9f16e - 工作时，我使用的URLConnection但HttpClient的还是得到了异常

http://groups.google.com/group/android-developers/browse_thread/thread/62d856cdcfa9f16e - Working when i use URLConnection but with HttpClient still got the exception.

的http://www.discursive.com/books/cjcook/reference/http-webdav-sect-self-signed.html - 使用Apache的罐子桌面工作，但在Android中使用包含在SDK类不能让它正常工作

http://www.discursive.com/books/cjcook/reference/http-webdav-sect-self-signed.html - on Desktop using jars from apache is working but in android using included in SDK classes can't make it work.

http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/200808.mbox/%3C1218824624.6561.14.camel@ubuntu%3E - 也得到了同样的异常

http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/200808.mbox/%3C1218824624.6561.14.camel@ubuntu%3E - also get the same exception

所以任何想法我怎么能相信所有证书在Android上使用的HttpClient

So any ideas how can i trust all certificates on android using HttpClient

推荐答案

如果你碰巧看到DefaultHttpClient的code，它看起来是这样的：

If you happen to look at the code of DefaultHttpClient, it looks something like this:

   @Override
    protected ClientConnectionManager createClientConnectionManager() {
        SchemeRegistry registry = new SchemeRegistry();
        registry.register(
                new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
        registry.register(
                new Scheme("https", SSLSocketFactory.getSocketFactory(), 443));

        ClientConnectionManager connManager = null;     
        HttpParams params = getParams();
        ...
    }

注意HTTPS方案，以org.apache.http.conn.ssl.SSLSocketFactory.getSocketFactory映射（）。

Notice the mapping of https scheme to org.apache.http.conn.ssl.SSLSocketFactory.getSocketFactory().

您可以创建自定义实施 org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory 接口(http://hc.apache.org/httpclient-3.x/apidocs/org/apache/commons/httpclient/protocol/SecureProtocolSocketFactory.html)其中，您可以创建 java.net.SSLSocket 用自定义的的TrustManager 接受所有证书。

You can create a custom implementation for org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory interface (http://hc.apache.org/httpclient-3.x/apidocs/org/apache/commons/httpclient/protocol/SecureProtocolSocketFactory.html) wherein, you can create java.net.SSLSocket with a custom TrustManager that accepts all certificate.

您可能想看看JSSE的更多细节在http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html

You may want to look into JSSE for more details at http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html