Android上的Web视图支持SSL吗?

By simon at 2018-02-28 • 0人收藏 • 42人看过

Android上的WebView控件,它支持SSL吗? 我正在尝试加载使用可信ssl证书的网页,但是该 WebView只是白色。 有什么建议么?

5 个回复 | 最后更新于 2018-02-28
2018-02-28   #1

不是专家,就是我能在网上找到的。从我的理解中, 然而,WebView的确支持sslk屏幕是一个指示 WebView不相信证书是有效的。这可能 与证书一起发生at是自签名还是来自根认证 没有在android中设置(完全有效的证书不验证)。任何状况之下, 如果你正在使用froyo或更好,你可以尝试像这样:

import android.webkit.WebView;
import android.webkit.WebViewClient;
import android.webkit.SslErrorHandler;
import android.net.http.SslError;

...

engine = (WebView) findViewById(R.id.my_webview);
engine.setWebViewClient(new WebViewClient() {

    @Override
    public void onReceivedSslError (WebView view, SslErrorHandler handler, SslError error) {
        handler.proceed();
    }
});

2018-02-28   #2

不是专家,就是我能在网上找到的。从我的理解中, 然而,WebView的确支持sslk屏幕是一个指示 WebView不相信证书是有效的。这可能 与证书一起发生at是自签名还是来自根认证 没有在android中设置(完全有效的证书不验证)。任何状况之下, 如果你正在使用froyo或更好,你可以尝试像这样:

import android.webkit.WebView;
import android.webkit.WebViewClient;
import android.webkit.SslErrorHandler;
import android.net.http.SslError;

...

engine = (WebView) findViewById(R.id.my_webview);
engine.setWebViewClient(new WebViewClient() {

    @Override
    public void onReceivedSslError (WebView view, SslErrorHandler handler, SslError error) {
        handler.proceed();
    }
});

2018-02-28   #3

您必须启用webview设置才能查看基于SSL的网站:

webView.getSetting().setDomStorageEnable(true);

2018-02-28   #4

根据更新正确处理SSL证书validationoogle play 安全策略,更改您的代码以调用SslErrorHandler.proceed()每当 服务器提供的证书符合您的期望,并调用 SslErrorHandler.cancel()除此以外。 例如,我添加一个警告对话框,以使用户已经确认和似乎 Google不再显示警告。

    @Override
    public void onReceivedSslError(WebView view, final SslErrorHandler handler, SslError error) {
    final AlertDialog.Builder builder = new AlertDialog.Builder(view.getContext());
    String message = "SSL Certificate error.";
        switch (error.getPrimaryError()) {
            case SslError.SSL_UNTRUSTED:
                message = "The certificate authority is not trusted.";
                break;
            case SslError.SSL_EXPIRED:
                message = "The certificate has expired.";
                break;
            case SslError.SSL_IDMISMATCH:
                message = "The certificate Hostname mismatch.";
                break;
            case SslError.SSL_NOTYETVALID:
                message = "The certificate is not yet valid.";
                break;
        }
        message += " Do you want to continue anyway?";

        builder.setTitle("SSL Certificate Error");
        builder.setMessage(message);
    builder.setPositiveButton("continue", new DialogInterface.OnClickListener() {
        @Override
        public void onClick(DialogInterface dialog, int which) {
            handler.proceed();
        }
    });
    builder.setNegativeButton("cancel", new DialogInterface.OnClickListener() {
        @Override
        public void onClick(DialogInterface dialog, int which) {
            handler.cancel();
        }
    });
    final AlertDialog dialog = builder.create();
    dialog.show();
}
改变后它不会显示警告。

2018-02-28   #5

Google Play拒绝了我的应用,然后我做了这个...

 @Override
    public void onReceivedSslError(WebView view, final SslErrorHandler handler, SslError error) {

        try {

            //Get the X509 trust manager from your ssl certificate
            X509TrustManager trustManager = mySslCertificate.getX509TrustManager();

            //Get the certificate from error object
            Bundle bundle = SslCertificate.saveState(error.getCertificate());
            X509Certificate x509Certificate;
            byte[] bytes = bundle.getByteArray("x509-certificate");
            if (bytes == null) {
                x509Certificate = null;
            } else {
                CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
                Certificate cert = certFactory.generateCertificate(new ByteArrayInputStream(bytes));
                x509Certificate = (X509Certificate) cert;
            }
            X509Certificate[] x509Certificates = new X509Certificate[1];
            x509Certificates[0] = x509Certificate;

            // check weather the certificate is trusted
            trustManager.checkServerTrusted(x509Certificates, "ECDH_RSA");

            Log.e(TAG, "Certificate from " + error.getUrl() + " is trusted.");
            handler.proceed();
        } catch (Exception e) {
            Log.e(TAG, "Failed to access " + error.getUrl() + ". Error: " + error.getPrimaryError());
            final AlertDialog.Builder builder = new AlertDialog.Builder(WebViewActivity.this);
            String message = "SSL Certificate error.";
            switch (error.getPrimaryError()) {
                case SslError.SSL_UNTRUSTED:
                    message = "The certificate authority is not trusted.";
                    break;
                case SslError.SSL_EXPIRED:
                    message = "The certificate has expired.";
                    break;
                case SslError.SSL_IDMISMATCH:
                    message = "The certificate Hostname mismatch.";
                    break;
                case SslError.SSL_NOTYETVALID:
                    message = "The certificate is not yet valid.";
                    break;
            }
            message += " Do you want to continue anyway?";

            builder.setTitle("SSL Certificate Error");
            builder.setMessage(message);
            builder.setPositiveButton("continue", new DialogInterface.OnClickListener() {
                @Override
                public void onClick(DialogInterface dialog, int which) {
                    handler.proceed();
                }
            });
            builder.setNegativeButton("cancel", new DialogInterface.OnClickListener() {
                @Override
                public void onClick(DialogInterface dialog, int which) {
                    handler.cancel();
                }
            });
            final AlertDialog dialog = builder.create();
            dialog.show();
        }
    }
完成上面的更改后,Google play接受了我的apk 并生成你的SSL信任管理器请检查这一点 [应答](https://stackoverflow.com/a/48966781/5058630)

登录后方可回帖

Loading...