1、添加network_security_config
<application
//....
android:usesCleartextTraffic="true"
android:networkSecurityConfig="@xml/network_security_config"
>
位置.png
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config cleartextTrafficPermitted="true">
<trust-anchors>
<!-- <certificates src="@raw/debug_cas" />-->
<certificates src="system" />
<certificates src="user" />
</trust-anchors>
</base-config>
</network-security-config>
2、导入库
implementation 'com.github.bumptech.glide:glide:4.11.0'
annotationProcessor 'com.github.bumptech.glide:compiler:4.11.0'
implementation 'com.github.bumptech.glide:okhttp3-integration:4.3.1'
3、重写AppGlideModule类,重写registerComponents方法
package com.asura.android.tmspda.base.ssl;
import android.content.Context;
import android.os.Environment;
import androidx.annotation.NonNull;
import com.bumptech.glide.Glide;
import com.bumptech.glide.GlideBuilder;
import com.bumptech.glide.Registry;
import com.bumptech.glide.integration.okhttp3.OkHttpUrlLoader;
import com.bumptech.glide.load.model.GlideUrl;
import com.bumptech.glide.module.AppGlideModule;
import java.io.InputStream;
import java.util.concurrent.TimeUnit;
import me.hgj.jetpackmvvm.ext.ssl.SSLSocketClient2;
import okhttp3.OkHttpClient;
@com.bumptech.glide.annotation.GlideModule
public class AsuraGlideModule extends AppGlideModule {
private String sdRootPath = Environment.getExternalStorageDirectory().getPath();
private String appRootPath = null;
@Override
public void applyOptions(Context context, GlideBuilder builder) {
super.applyOptions(context, builder);
}
@Override
public void registerComponents(@NonNull Context context, @NonNull Glide glide, @NonNull Registry registry) {
//设置请求方式为okhttp 并设置okhttpClient的证书及超时时间
OkHttpClient okhttpClient = new OkHttpClient.Builder()
//1、配置一
// .sslSocketFactory( SSLSocketClient.getSSLSocketFactory())
//.hostnameVerifier( SSLSocketClient.getHostnameVerifier())
//2、配置二
.sslSocketFactory(SSLSocketClient2.getSSLSocketFactory())
.hostnameVerifier(SSLSocketClient2.getHostnameVerifier())
.retryOnConnectionFailure(true) // 设置出现错误进行重新连接。
.connectTimeout(15, TimeUnit.SECONDS)
.readTimeout(60 * 1000, TimeUnit.MILLISECONDS)
.writeTimeout(60 * 1000, TimeUnit.MILLISECONDS)
.build();
registry.replace(GlideUrl.class, InputStream.class,
new OkHttpUrlLoader.Factory(okhttpClient));
}
@Override
public boolean isManifestParsingEnabled() {
return false;
}
}
4、配置ssl工具类
package com.example.myapplication.utils;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
/**
* @author lyy
* 方案一:让okhttp支持https请求
*/
public class SSLSocketClient {
public static SSLSocketFactory getSSLSocketFactory() {
try {
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, getTrustManager(), new SecureRandom());
return sslContext.getSocketFactory();
} catch (Exception e) {
throw new RuntimeException(e);
}
}
private static TrustManager[] getTrustManager() {
return new TrustManager[]{
new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[]{};
}
}
};
}
public static X509TrustManager geX509tTrustManager() {
return new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[]{};
}
};
}
public static HostnameVerifier getHostnameVerifier() {
return new HostnameVerifier() {
@Override
public boolean verify(String s, SSLSession sslSession) {
return true;
}
};
}
}
package com.example.myapplication.utils;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
/**
* @author lyy
* 方案二:让okhttp支持https请求
*/
public class SSLSocketClient2 {
//获取这个SSLSocketFactory
public static SSLSocketFactory getSSLSocketFactory() {
try {
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, getTrustManager(), new SecureRandom());
return sslContext.getSocketFactory();
} catch (Exception e) {
throw new RuntimeException(e);
}
}
//获取TrustManager
private static TrustManager[] getTrustManager() {
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[]{};
}
}
};
return trustAllCerts;
}
//获取HostnameVerifier
public static HostnameVerifier getHostnameVerifier() {
HostnameVerifier hostnameVerifier = new HostnameVerifier() {
@Override
public boolean verify(String s, SSLSession sslSession) {
return true;
}
};
return hostnameVerifier;
}
}
5、在清单文件的application标签下加入
<application>
<!--配置Glide支持https-->
<meta-data
android:name="com.asura.android.tmspda.base.ssl.AsuraGlideModule"
android:value="AppGlideModule"
/>
<application>
特别注意: android:value必须是:AppGlideModule
特别注意:调试https图片显示的时候,不要使用手机代理;
参考链接1:https://blog.csdn.net/qq_34326332/article/details/104846745
参考链接2:https://blog.51cto.com/u_14987/6481205
