tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
HTTPDNS
    Documentation
    Download PDF

    HttpURLConnection

    Last updated: 2023-06-12 14:48:18
    Download PDF
    The sample for HTTPS certificate validation is as follows:
     // Take the domain `www.qq.com` and the IP `192.168.0.1` obtained by HTTPDNS as an example
    String url = "https://192.168.0.1/"; // Your own request connection
     HttpsURLConnection connection = (HttpsURLConnection) new URL(url).openConnection();
     connection.setRequestProperty("Host", "www.qq.com");
     connection.setHostnameVerifier(new HostnameVerifier() {
       @Override
       public boolean verify(String hostname, SSLSession session) {
           return HttpsURLConnection.getDefaultHostnameVerifier().verify("www.qq.com", session);
       }
     });
     connection.setConnectTimeout(mTimeOut); // Set the connection timeout period
     connection.setReadTimeout(mTimeOut); // Set the stream read timeout period
     connection.connect();
    The sample for HTTPS + SNI certificate validation is as follows:
     // Take the domain `www.qq.com` and the IP `192.168.0.1` obtained by HTTPDNS as an example
     String url = "https://192.168.0.1/"; // Encapsulate the business' request URL with the IP obtained by HTTPDNS
     HttpsURLConnection sniConn = null;
     try {
       sniConn = (HttpsURLConnection) new URL(url).openConnection();
       // Set the host field of the HTTP request header
       sniConn.setRequestProperty("Host", "www.qq.com");
       sniConn.setConnectTimeout(3000);
       sniConn.setReadTimeout(3000);
       sniConn.setInstanceFollowRedirects(false);
       // Customize SSLSocketFactory to carry the requested domain ***(key step)
       SniSSLSocketFactory sslSocketFactory = new SniSSLSocketFactory(sniConn);
       sniConn.setSSLSocketFactory(sslSocketFactory);
       // Verify whether the hostname and the server authentication scheme match
       HostnameVerifier hostnameVerifier = new HostnameVerifier() {
           @Override
           public boolean verify(String hostname, SSLSession session) {
               return HttpsURLConnection.getDefaultHostnameVerifier().verify("originally resolved domain", session);
           }
       };
       sniConn.setHostnameVerifier(hostnameVerifier);
       ...
     } catch (Exception e) {
       Log.w(TAG, "Request failed", e);
     } finally {
       if (sniConn != null) {
           sniConn.disconnect();
       }
     }
    
     class SniSSLSocketFactory extends SSLSocketFactory {
    
       private HttpsURLConnection mConn;
    
       public SniSSLSocketFactory(HttpsURLConnection conn) {
           mConn = conn;
       }
    
       @Override
       public Socket createSocket() throws IOException {
           return null;
       }
    
       @Override
       public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
           return null;
       }
    
       @Override
       public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException {
           return null;
       }
    
       @Override
       public Socket createSocket(InetAddress host, int port) throws IOException {
           return null;
       }
    
       @Override
       public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
           return null;
       }
    
       @Override
       public String[] getDefaultCipherSuites() {
           return new String[0];
       }
    
       @Override
       public String[] getSupportedCipherSuites() {
           return new String[0];
       }
    
       @Override
       public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException {
           String realHost = mConn.getRequestProperty("Host");
           if (realHost == null) {
               realHost = host;
           }
           Log.i(TAG, "customized createSocket host is: " + realHost);
           InetAddress address = socket.getInetAddress();
           if (autoClose) {
               socket.close();
           }
           SSLCertificateSocketFactory sslSocketFactory = (SSLCertificateSocketFactory) SSLCertificateSocketFactory.getDefault(0);
           SSLSocket ssl = (SSLSocket) sslSocketFactory.createSocket(address, port);
           ssl.setEnabledProtocols(ssl.getSupportedProtocols());
           if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR1) {
               Log.i(TAG, "Setting SNI hostname");
               sslSocketFactory.setHostname(ssl, realHost);
           } else {
               Log.d(TAG, "No documented SNI support on Android < 4.2, trying with reflection");
               try {
                   Method setHostnameMethod = ssl.getClass().getMethod("setHostname", String.class);
                   setHostnameMethod.invoke(ssl, realHost);
               } catch (Exception e) {
                   Log.w(TAG, "SNI not useable", e);
               }
           }
           // Verify hostname and certificate
           SSLSession session = ssl.getSession();
           HostnameVerifier hostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
           if (!hostnameVerifier.verify(realHost, session)) {
               throw new SSLPeerUnverifiedException("Cannot verify hostname: " + realHost);
           }			
           Log.i(TAG, "Established " + session.getProtocol() + " connection with " + session.getPeerHost() + " using " + session.getCipherSuite());
           return ssl;
       }
     }
    
    Contact Us

    Contact our sales team or business advisors to help your business.

    Contact Us
    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    Submit a Ticket
    7x24 Phone Support
    Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
    Privacy PolicyLegalCookie Policy