Unity 使用自己建立的certificate通過www進行https請求
阿新 • • 發佈:2019-02-11
https的概念我就不敘述了,可以自己去百度一下,總之可以讓http傳輸的內容更加安全。
但是把伺服器配置成使用自己頒發的證書接受https連線後,客戶端也要做相應修改才能進行https連線.
以下是需要客戶端做的事情.
* iOS
只需要修改WWWConnection.mm,就可以進行https連線.
//const char* WWWDelegateClassName = "UnityWWWConnectionSelfSignedCertDelegate";
const char* WWWDelegateClassName = "UnityWWWConnectionDelegate";
修改成
const char* WWWDelegateClassName = "UnityWWWConnectionSelfSignedCertDelegate"; //const char* WWWDelegateClassName = "UnityWWWConnectionDelegate";
* Android需要做更多的事情
把下面一大堆程式碼研究一下,就可以使用www,用ip進行https通訊了. 用域名更簡單
package com.netjoy.iblis; import android.app.Activity; import android.util.Log; import java.io.BufferedInputStream; import java.io.ByteArrayInputStream; import java.io.File; import java.io.FileInputStream; import java.io.InputStream; import java.security.KeyManagementException; import java.security.KeyStore; import java.security.NoSuchAlgorithmException; import java.security.cert.Certificate; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSession; import javax.net.ssl.TrustManagerFactory; /** * Created by cpeng on 6/21/16. */ public class SSLUtil { private static SSLUtil _instance; public static SSLUtil getInstance() { if (_instance == null) { _instance = new SSLUtil(); } return _instance; } //see https://developer.android.com/training/articles/security-ssl.html public void trust(Activity activity) { String fileName = ""; try { InputStream in = activity.getResources().getAssets().open("server.crt"); int length = in.available(); byte[] buffer = new byte[length]; in.read(buffer); in.close(); trust(buffer); } catch (java.io.IOException e) { e.printStackTrace(); } } private void trust(byte[] crtFileContent) { try { // Load CAs from an InputStream CertificateFactory cf = CertificateFactory.getInstance("X.509"); InputStream caInput = new BufferedInputStream(new ByteArrayInputStream(crtFileContent)); Certificate ca; try { ca = cf.generateCertificate(caInput); Log.d("JavaSSLHelper", "ca=" + ((X509Certificate) ca).getSubjectDN()); Log.d("JavaSSLHelper", "Certificate successfully created"); } finally { caInput.close(); } // Create a KeyStore containing our trusted CAs String keyStoreType = KeyStore.getDefaultType(); KeyStore keyStore = KeyStore.getInstance(keyStoreType); keyStore.load(null, null); keyStore.setCertificateEntry("ca", ca); // Create a TrustManager that trusts the CAs in our KeyStore String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm(); TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm); tmf.init(keyStore); try { // Create an SSLContext that uses our TrustManager SSLContext context = SSLContext.getInstance("TLS"); context.init(null, tmf.getTrustManagers(), null); //this is important: unity will use the default ssl socket factory we just created HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory()); Log.d("JavaSSLHelper", "Default SSL Socket set."); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } catch (KeyManagementException e) { throw new RuntimeException(e); } }catch(Exception e) { throw new RuntimeException(e); } trustHostName(); } public void trustHostName() { HostVerifier hostVerifier = new HostVerifier(); HttpsURLConnection.setDefaultHostnameVerifier(hostVerifier); } public class HostVerifier implements HostnameVerifier { @Override public boolean verify(String hostname, SSLSession session) { Log.i("SSLUtil", "HOST NAME " + hostname); return true; // if (hostname.contentEquals("192.168.2.243")) { // Log.i("SSLUtil", "Approving certificate for host " + hostname); // return true; // } // return false; } } }