谷歌建议我在我的安卓应用程序中实现的X509TrustManager接口不安全,需要按以下方式更改代码:
为了正确处理SSL证书验证,请在自定义X509TrustManager接口的checkServerTrusted方法中更改您的代码,以便在服务器提供的证书不符合您的预期时引发CertificateException或IllegalArgumentException异常。如有技术问题,您可以发布到Stack Overflow并使用“android-security”和“TrustManager”标签。
如何修改以下代码以解决上述问题?
public EasySSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
super(truststore);
TrustManager tm = new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
mContext.init(null, new TrustManager[] { tm }, null);
}