CODEWITHSUNDEEP
androidsslhttps
Android-Droid
Android-Droid

Reputation: 14565

Android Verify SSL sertificate

I have a little problem with SSL Validation in my application. As I find over internet in FourSquare's documentation they suggest validation like this : SSL Calidation, but the problem is that I'm using an HttpsURLConnection and I want to use that class instead of DefaultHttpClient . So when I replace client in getTolerantClient with HttpsURLConnection and try to do this it's showing me some errors : 

    public HttpsURLConnection getTolerantClient() {
    HttpsURLConnection client = new HttpsURLConnection();
    SSLSocketFactory sslSocketFactory = (SSLSocketFactory) client.getConnectionManager().getSchemeRegistry().getScheme("https").getSocketFactory();
    final X509HostnameVerifier delegate = sslSocketFactory.getHostnameVerifier();
    if(!(delegate instanceof MyVerifier)) {
        sslSocketFactory.setHostnameVerifier(new MyVerifier(delegate));
    }
    return client;
}

like : 

The method getConnectionManager() is undefined for the type HttpsURLConnection

&

The method getHostnameVerifier() is undefined for the type SSLSocketFactory

So any idea how can I use this in my situation? Thanks in advance!

Upvotes: 1

Views: 2693

Answers (1)

Jcs
Jcs

Reputation: 13709

This code sample should help you to adapt the getTolerantClient method:

public URLConnection getTolerantClient(URL url) throws IOException {
    URLConnection conn = url.openConnection();
    if (!(conn instanceof HttpsURLConnection)) {
        /* not an https:// URL, nothing to do */
        return conn;
    }
    HttpsURLConnection httpsconn = (HttpsURLConnection)conn;
    final HostnameVerifier delegate = httpsconn.getHostnameVerifier();
    if(!(delegate instanceof MyVerifier)) {
        httpsconn.setHostnameVerifier(new MyVerifier(delegate));
    }
    return conn;
}

Of course, MyVerifier should implement the javax.net.ssl.HostnameVerifier interface.

Upvotes: 1

Related Questions