Does the Web View on Android support SSL?

前端 未结 4 1073
挽巷
挽巷 2020-11-27 05:43

The WebView control on android, does it support SSL?

I am trying to load a web page that uses a trusted ssl certificate but the WebView is

相关标签:
4条回答
  • 2020-11-27 06:09

    Not an expert, just what i could find on the web. from what I understand, the WebView does indeed support ssl, however, the blank screen is an indication that the WebView does not believe that the certificate is valid. This may happen with a certificate that is self-signed or a from a root auth that is not set up in android (perfectly valid cert does not validate). In any case, if you are using froyo or better you can try something like:

    import android.webkit.WebView;
    import android.webkit.WebViewClient;
    import android.webkit.SslErrorHandler;
    import android.net.http.SslError;
    
    ...
    
    engine = (WebView) findViewById(R.id.my_webview);
    engine.setWebViewClient(new WebViewClient() {
    
        @Override
        public void onReceivedSslError (WebView view, SslErrorHandler handler, SslError error) {
            handler.proceed();
        }
    });
    
    0 讨论(0)
  • 2020-11-27 06:15

    Google play rejected my app and then I did this...

     @Override
        public void onReceivedSslError(WebView view, final SslErrorHandler handler, SslError error) {
    
            try {
    
                //Get the X509 trust manager from your ssl certificate
                X509TrustManager trustManager = mySslCertificate.getX509TrustManager();
    
                //Get the certificate from error object
                Bundle bundle = SslCertificate.saveState(error.getCertificate());
                X509Certificate x509Certificate;
                byte[] bytes = bundle.getByteArray("x509-certificate");
                if (bytes == null) {
                    x509Certificate = null;
                } else {
                    CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
                    Certificate cert = certFactory.generateCertificate(new ByteArrayInputStream(bytes));
                    x509Certificate = (X509Certificate) cert;
                }
                X509Certificate[] x509Certificates = new X509Certificate[1];
                x509Certificates[0] = x509Certificate;
    
                // check weather the certificate is trusted
                trustManager.checkServerTrusted(x509Certificates, "ECDH_RSA");
    
                Log.e(TAG, "Certificate from " + error.getUrl() + " is trusted.");
                handler.proceed();
            } catch (Exception e) {
                Log.e(TAG, "Failed to access " + error.getUrl() + ". Error: " + error.getPrimaryError());
                final AlertDialog.Builder builder = new AlertDialog.Builder(WebViewActivity.this);
                String message = "SSL Certificate error.";
                switch (error.getPrimaryError()) {
                    case SslError.SSL_UNTRUSTED:
                        message = "The certificate authority is not trusted.";
                        break;
                    case SslError.SSL_EXPIRED:
                        message = "The certificate has expired.";
                        break;
                    case SslError.SSL_IDMISMATCH:
                        message = "The certificate Hostname mismatch.";
                        break;
                    case SslError.SSL_NOTYETVALID:
                        message = "The certificate is not yet valid.";
                        break;
                }
                message += " Do you want to continue anyway?";
    
                builder.setTitle("SSL Certificate Error");
                builder.setMessage(message);
                builder.setPositiveButton("continue", new DialogInterface.OnClickListener() {
                    @Override
                    public void onClick(DialogInterface dialog, int which) {
                        handler.proceed();
                    }
                });
                builder.setNegativeButton("cancel", new DialogInterface.OnClickListener() {
                    @Override
                    public void onClick(DialogInterface dialog, int which) {
                        handler.cancel();
                    }
                });
                final AlertDialog dialog = builder.create();
                dialog.show();
            }
        }
    

    After making the above changes Google play accepted my apk

    And to generate your ssl trust manager pls check this answer

    0 讨论(0)
  • 2020-11-27 06:19

    You have to enable webview setting to view SSL based website:

    webView.getSetting().setDomStorageEnable(true);
    
    0 讨论(0)
  • 2020-11-27 06:21

    To properly handle SSL certificate validationoogle play according to updated Security Policy, Change your code to invoke SslErrorHandler.proceed() whenever the certificate presented by the server meets your expectations, and invoke SslErrorHandler.cancel() otherwise.

    For example, I add an alert dialog to make user have confirmed and seems Google no longer shows warning.

        @Override
        public void onReceivedSslError(WebView view, final SslErrorHandler handler, SslError error) {
        final AlertDialog.Builder builder = new AlertDialog.Builder(view.getContext());
        String message = "SSL Certificate error.";
            switch (error.getPrimaryError()) {
                case SslError.SSL_UNTRUSTED:
                    message = "The certificate authority is not trusted.";
                    break;
                case SslError.SSL_EXPIRED:
                    message = "The certificate has expired.";
                    break;
                case SslError.SSL_IDMISMATCH:
                    message = "The certificate Hostname mismatch.";
                    break;
                case SslError.SSL_NOTYETVALID:
                    message = "The certificate is not yet valid.";
                    break;
            }
            message += " Do you want to continue anyway?";
    
            builder.setTitle("SSL Certificate Error");
            builder.setMessage(message);
        builder.setPositiveButton("continue", new DialogInterface.OnClickListener() {
            @Override
            public void onClick(DialogInterface dialog, int which) {
                handler.proceed();
            }
        });
        builder.setNegativeButton("cancel", new DialogInterface.OnClickListener() {
            @Override
            public void onClick(DialogInterface dialog, int which) {
                handler.cancel();
            }
        });
        final AlertDialog dialog = builder.create();
        dialog.show();
    }
    

    After this changes it will not show warning.

    0 讨论(0)
提交回复
热议问题