Android的/ Java的 - 如何建立HTTPS连接?Android、Java、HTTPS

2023-09-13 00:23:59 作者:执子之手、陪你痴狂


I have code here that allows me to connect to https servers and transfer data. It works just fine, but I want to know if I'm doing it the right way and I'm actually making a secure connection. Please check my work. Thanks.

public class HTTPSClient extends DefaultHttpClient

    public HTTPSClient() 

    protected ClientConnectionManager createClientConnectionManager()
        SchemeRegistry registry = new SchemeRegistry();

        HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
        final SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
        socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);

        registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
        registry.register(new Scheme("https", socketFactory, 80));
        registry.register(new Scheme("https", socketFactory, 443));

        HttpParams params = new BasicHttpParams();
        HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
        HttpProtocolParams.setContentCharset(params, "UTF-8");

        return new SingleClientConnManager(params, registry);


I use this code like so:

HttpResponse response = mConnection.httpsClient.execute(new HttpHost("", 80), new HttpGet("https://someaddress")));

然后我读那里的响应。 再次感谢。

I then read the response from there. Thanks again.


看看官方Custom SSL上下文来自Apache的HttpClient 的教程。

斯蒂芬ç提到的,你不需要注册端口80用于HTTPS环境。注册它,而不是用于HTTP(如果neccessary的话)。这意味着,当你调用一个HTTPS URL,适当的SocketFactory,按照指定的,将被使用。

As Stephen C mentioned, you don't need to register port 80 for the https context. Register it instead for http (if neccessary at all). This means, when you call a https url, the appropriate socketFactory, as you specified, will be used.


NOTE: You will receive in most cases a "Certificate not trusted" or similar exception when you connect from Android devices to sites with custom certificates or certificates from not very well known issuers. If this is the case, you need to create a custom certificate store for your application, so that it will trust your server certificates. If you want to know hot to achieve this, you can look at my blog article

如果您要检查,如果您的设备确实是通过安全连接进行通信,可以拨打电话到HTTPS端点从Android模拟器,并捕获与流量的 Wireshark的您的开发机器上。

If you want to check, if your device is really communicating via a secured connection, you could make the call to the https endpoint from your android emulator and capture the traffic with Wireshark on your developer machine.
