android-securityexception


how to fix the issue “How to fix apps containing an unsafe implementation of TrustManager”


here is my first class service handler class
public class ServiceHandler {
static String response = null;
public final static int GET = 1;
public final static int POST = 2;
public ServiceHandler() {
Log.e("servicehandle","servicerhandle");
}
public String makeServiceCall(String url, int method, List<NameValuePair> params) {
try {
Log.e("servicehandle","servicerhandle");
DefaultHttpClient httpclient = null; //new DefaultHttpClient();
HttpEntity httpentity = null;
HttpResponse httpresponse = null;
SSLSocketFactory sslFactory = new SimpleSSLSocketFactory(null);
sslFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
// Enable HTTP parameters
HttpParams httpParams = new BasicHttpParams();
HttpProtocolParams.setVersion(httpParams, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(httpParams, HTTP.UTF_8);
// Register the HTTP and HTTPS Protocols. For HTTPS, register our custom SSL Factory object.
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", sslFactory, 443));
// Create a new connection manager using the newly created registry and then create a new HTTP client using this connection manager
ClientConnectionManager ccm = new ThreadSafeClientConnManager(httpParams, registry);
httpclient = new DefaultHttpClient(ccm, httpParams);
Log.e("post","post");
if (method == POST) {
//System.out.println("request :"+params);
//System.out.println("post_url :"+url);
Log.e("service","url ="+url);
HttpPost httpPost = new HttpPost(url);
Log.e("service","error1");
if (params != null) {
httpPost.setEntity(new UrlEncodedFormEntity(params));
Log.e("service", "error2");
}
httpresponse = httpclient.execute(httpPost);
Log.e("service","error3");
} else if (method == GET) {
// appending params to url
if (params != null) {
Log.e("service","error4");
String paramString = URLEncodedUtils
.format(params, "utf-8");
url += "?" + paramString;
}
HttpGet httpGet = new HttpGet(url);
Log.e("service","error5");
httpresponse = httpclient.execute(httpGet);
Log.e("service","error6");
}
httpentity = httpresponse.getEntity();
Log.e("service","error7"+httpentity);
response = EntityUtils.toString(httpentity);
Log.d("data",response+"");
//System.out.println("response :"+response);
} catch (Exception e) {
e.printStackTrace();
Log.e("excservice", String.valueOf(e)+"");
}
return response;
}
and my second class is SSlFactoryclass
public class SimpleSSLSocketFactory extends org.apache.http.conn.ssl.SSLSocketFactory {
private SSLSocketFactory sslFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
public SimpleSSLSocketFactory(KeyStore truststore)
throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
super(null);
try {
SSLContext context = SSLContext.getInstance("TLS");
// Create a trust manager that does not validate certificate chains and simply accept all type of certificates
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[] {};
}
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
} };
// Initialize the socket factory
context.init(null, trustAllCerts, new SecureRandom());
sslFactory = context.getSocketFactory();
} catch (Exception e) {
e.printStackTrace();
}
}
#Override
public Socket createSocket(Socket socket, String host, int port, boolean autoClose)
throws IOException, UnknownHostException {
return sslFactory.createSocket(socket, host, port, autoClose);
}
#Override
public Socket createSocket() throws IOException {
return sslFactory.createSocket();
}

Related Links

how to fix the issue “How to fix apps containing an unsafe implementation of TrustManager”

Categories

HOME
phantom-dsl
gpu
nunit
apache-spark-mllib
pclxl
owl-carousel
rom
web-hosting
google-admin-sdk
nfs
extjs4.2
fosrestbundle
naivebayes
renjin
flash-player
azure-iot-hub
alpacajs
esoteric-languages
powershell-v5.0
template-engine
google-data-studio
sigma.js
bourbon
simpleitk
cgbitmapcontext
monit
displaytag
mount
onload
motion-detection
oculus
quantlib
carrierwave
scrollview
aws-codecommit
dsx-desktop
openwhisk
fiware-cygnus
cd
filesystemwatcher
xv6
android-ibeacon
print-css
oracle-service-bus
congestion-control
apache-directory
httr
servermanager
httrack
openal
google-cse
amq
azure-cli
reshape
mouseleave
filenet
docpad
ziparchive
winusb
preprocessor
async.js
vulcanize
rspec2
model-associations
expectations
libav
nio2
httpruntime.cache
toast
crouton-os
inf
phonertc
sapscript
vacuum
uvc
gamekit
public-html
sql-scripts
rmysql
insight.database
cancellation
ray
android-framework
websphere-esb
square-bracket
gd-graph
code-duplication
cffile
pagedown
http-status-code-410
subproject
database-create
window-decoration
apache-commons-dbutils
jqote
tournament
cuteeditor
cac
undefined-index
globals
murmurhash
lalr
wysiwym
fault-tolerance
int64

Resources

Encrypt Message