OkHttpClient.Builder sslSocketFactory已弃用

Question

我正在尝试使用(retrofit 2.0，okhttp3)进行https调用，我已经包含了ssl证书，它可以很好地与

OkHttpClient.Builder builder = new OkHttpClient.Builder(); builder.sslSocketFactory(getSSLConfig());

but it shows sslSocketFactory(getSSLConfig()) as deprecated and provides other option

sslSocketFactory(SSLSocketFactory sslSocketFactory, X509TrustManager trustManager)

我想更新我的代码并使用新的选项，而不是我在网上搜索的过时的方法，但找不到任何好的参考。如果有人能为这个问题提供一些好的参考，将是非常有帮助的。

Answer 1

您需要有效的证书。创建信任任何SSL证书的受信任OkHttpClient。尝试以下代码：

TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init((KeyStore) null);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
}
X509TrustManager trustManager = (X509TrustManager) trustManagers[0];
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, new TrustManager[] { trustManager }, null);
SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
OkHttpClient client = new OkHttpClient.Builder().sslSocketFactory(sslSocketFactory, trustManager);

更多信息请点击此处：Now that SSLSocketFactory is deprecated on Android, what would be the best way to handle Client Certificate Authentication?