This Article will let you know how to bypass SSL issue in your Android Development. Sometimes it happens when we face issues related to SSL in Android 4.4 or less. And we don’t want to embed our SSL certificate with Android App, In that case, this trick helps us. While dealing with javax.net.ssl.SSLPeerUnverifiedException error in Android development has sent me to a wild good chase. But now I have found the best solution to get rid of this kind of problems like SSL certificate is invalid, No peer certificate found etc. I’m sharing the solution what I have implemented in my code.
To go beyond the SSL problem in Android development you need to do some extra efforts. So start with this just Override some predefined methods & Classes. Now we are going to create a custom Socket Factory for HTTP Client.
First of all, create a class named SimpleSSLSocketFactory.java :
SimpleSSLSocketFactory.java :
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 |
import java.io.IOException; import java.net.Socket; import java.net.UnknownHostException; import java.security.KeyManagementException; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.security.UnrecoverableKeyException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocketFactory; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; public class SimpleSSLSocketFactory extends org.apache.http.conn.ssl.SSLSocketFactory { private SSLSocketFactory sslFactory = HttpsURLConnection.getDefaultSSLSocketFactory(); public SimpleSSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { super(null); try { SSLContext context = SSLContext.getInstance("TLS"); // Create a trust manager that does not validate certificate chains and simply accept all type of certificates TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return new java.security.cert.X509Certificate[]{}; } public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } }}; // Initialize the socket factory context.init(null, trustAllCerts, new SecureRandom()); sslFactory = context.getSocketFactory(); } catch (Exception e) { e.printStackTrace(); } } @Override public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException { return sslFactory.createSocket(socket, host, port, autoClose); } @Override public Socket createSocket() throws IOException { return sslFactory.createSocket(); } } |
Now you have to use this Class as your default Httpclient. Create below-mentioned method in your connection class: or implement this as you need.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 |
public static String getDataWithMessage(String URL, Context mContext) { DefaultHttpClient httpClient = null; try { // Setup a custom SSL Factory object which simply ignore the certificates validation and accept all type of self signed certificates SSLSocketFactory sslFactory = new SimpleSSLSocketFactory(null); sslFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); // Enable HTTP parameters HttpParams params = new BasicHttpParams(); HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); HttpProtocolParams.setContentCharset(params, HTTP.UTF_8); // Register the HTTP and HTTPS Protocols. For HTTPS, register our custom SSL Factory object. SchemeRegistry registry = new SchemeRegistry(); registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80)); registry.register(new Scheme("https", sslFactory, 443)); // Create a new connection manager using the newly created registry and then create a new HTTP client using this connection manager ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry); httpClient = new DefaultHttpClient(ccm, params); HttpPost httpPost = new HttpPost(URL); HttpResponse httpResponse = httpClient.execute(httpPost); if (httpResponse.getStatusLine().getStatusCode() == 200) { return EntityUtils.toString(httpResponse.getEntity()); } else { return null; } } catch (Exception e) { Log.e("Error", TAG + " " + e.getMessage()); httpClient.getConnectionManager().shutdown(); return null; } } |
Now Finally done! you are able to use any HTTPS site response on your mobile device code. No SSL Error, No Peer certificate Error etc. Enjoy !!