Permitir conexiones no seguras

Cuando intentamos conectar con un servidor mediante https y el certificado no es “reconocido” nos da un error.

 

Para permitir todo tipo de conexiones seguras podemos crear una función

private static void trustAllHosts() {
		// Create a trust manager that does not validate certificate chains
		X509TrustManager tm = new X509TrustManager() {
			
			public java.security.cert.X509Certificate[] getAcceptedIssuers() {
				return new java.security.cert.X509Certificate[] {};
			}
			@Override
			public void checkClientTrusted(X509Certificate[] chain,
					String authType) throws CertificateException {
				// TODO Auto-generated method stub
				
			}
			@Override
			public void checkServerTrusted(X509Certificate[] chain,
					String authType) throws CertificateException {
				// TODO Auto-generated method stub
				
			}
		} ;
		TrustManager[] trustAllCerts = new TrustManager[] {tm};

		// Install the all-trusting trust manager
		try {
			SSLContext sc = SSLContext.getInstance("TLS");
			sc.init(null, trustAllCerts, new java.security.SecureRandom());
			HttpsURLConnection
					.setDefaultSSLSocketFactory(sc.getSocketFactory());
		} catch (Exception e) {
			e.printStackTrace();
		}
	}

Y llamar a la función antes de realizar la conexión:

HttpTransportSE androidHttpTransport= null;
		try {
			String conexion = url;
			trustAllHosts(); // poner aqui la llamada 
			androidHttpTransport = new HttpTransportSE(conexion);
			androidHttpTransport.debug = true;
			androidHttpTransport.call(METHOD, envelope,headerList);
			res=androidHttpTransport.responseDump;
			res=datoGateway(res);
		}catch (Exception e){
			Log.e("Error",e.toString());
			
		}

Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

* Please enter the Biggest Number