okhttp3证书解决方式

使用okttp3访问https时不配置证书或者忽略证书会报错：

java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.  

可以采用两种方式：
第一种：根据自己的证书服务器来配置，达到一对一的效果，每个商业app都应该有自己的证书设置，这样能保证访问的安全性。
第二种：在okhttp中设置信任所有证书

今天介绍第二种，具体方式采用下面的工具类：

public class RxUtils {

@SuppressLint("TrulyRandom")
public static SSLSocketFactory createSSLSocketFactory() {
    SSLSocketFactory sSLSocketFactory = null;
    try {
        SSLContext sc = SSLContext.getInstance("TLS");
        sc.init(null, new TrustManager[]{new TrustAllManager()},
                new SecureRandom());
        sSLSocketFactory = sc.getSocketFactory();
    } catch (Exception ignored) {
    }
    return sSLSocketFactory;
}

public static class TrustAllManager implements X509TrustManager {
    @SuppressLint("TrustAllX509TrustManager")
    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
    }

    @SuppressLint("TrustAllX509TrustManager")
    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }
}

public static class TrustAllHostnameVerifier implements HostnameVerifier {
    @SuppressLint("BadHostnameVerifier")
    @Override
    public boolean verify(String hostname, SSLSession session) {
        return true;
    }
 }
}

在okhttp中配置：

private void initOkHttpClient() {
    if (mOkHttpClient == null) {
        synchronized (this) {
            if (mOkHttpClient == null) {
                OkHttpClient.Builder builder = new OkHttpClient.Builder();
                HttpLoggingInterceptor loggingInterceptor =
                        new HttpLoggingInterceptor((message) -> Logger.i(message));
                loggingInterceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
                mOkHttpClient= builder.addInterceptor(loggingInterceptor)
                        .addInterceptor(new DefaultHeaderInterceptor())
                        .connectTimeout(TIME_OUT, TimeUnit.SECONDS)
                        .readTimeout(TIME_OUT, TimeUnit.SECONDS)
                        .writeTimeout(TIME_OUT, TimeUnit.SECONDS)
                        .sslSocketFactory(RxUtils.createSSLSocketFactory())
                        .hostnameVerifier(new RxUtils.TrustAllHostnameVerifier())
                        .retryOnConnectionFailure(true).build();
            }
        }
    }

}

或者kotlin：

 val client = OkHttpClient.Builder()
                            .addInterceptor(interceptor)
                            .addInterceptor(HeadInterceptor())
                            .retryOnConnectionFailure(true)
                            .connectTimeout(5, TimeUnit.SECONDS)
                            .readTimeout(600, TimeUnit.SECONDS)
                            .writeTimeout(600, TimeUnit.SECONDS)
                            .hostnameVerifier( RxUtils.TrustAllHostnameVerifier())
                            .sslSocketFactory(RxUtils.createSSLSocketFactory(), TrustAllCerts())
                            .retryOnConnectionFailure(true)
                            .build()




class TrustAllCerts : X509TrustManager {
    @SuppressLint("TrustAllX509TrustManager")
    override fun checkClientTrusted(chain: Array<X509Certificate>, authType: String) {
    }

    @SuppressLint("TrustAllX509TrustManager")
    override fun checkServerTrusted(chain: Array<X509Certificate>, authType: String) {
    }

    override fun getAcceptedIssuers(): Array<X509Certificate?> {
        return arrayOfNulls(0)
    }
}

完成 ！ 记住okhttp3以前返回值是有区别的