问题
连上代理之后,装上代理的证书。然后7.0手机还是无法抓包。问题是因为7.0的系统,app内不再默认信任用户的证书了。
一般解决方案
app配置信任用户证书。
//mainifest中配置
<application
android:networkSecurityConfig="@xml/network_security_config"
...
//新建xml/network_sercurity_config文件
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config>
<trust-anchors>
<certificates src="user"/>
</trust-anchors>
</base-config>
</network-security-config>
配置的具体含义,可以查看:
https://developer.android.google.cn/training/articles/security-config?hl=zh-cn#trust-anchors
okhttp的另外一种解决方案
让okhttp的请求信任自定义的证书(或信任所有)
//调用方
OkHttpClient mOkHttpClient = new OkHttpClient.Builder()
.sslSocketFactory(OkhttpSslUtils.createSSLSocketFactory(), new OkhttpSslUtils.TrustAllManager())
.build();
//工具类
public class OkhttpSslUtils {
public static SSLSocketFactory createSSLSocketFactory() {
SSLSocketFactory sSLSocketFactory = null;
try {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, new TrustManager[]{new TrustAllManager()},
new SecureRandom());
sSLSocketFactory = sc.getSocketFactory();
} catch (Exception e) {
}
return sSLSocketFactory;
}
public static class TrustAllManager implements X509TrustManager {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
}
网友评论