目录(?)[+]

Simple HTTPS
1. HttpsClient
  1. Usage examples 用例
    1. Mutual SSL authentication two-way authentication 相互SSL身份验证双向身份验证
    2. A simple SSL authentication 简单的SSL认证
    3. Default
  2. Complete Example 完整的例子

不熟悉这块，所以前面的解释没怎么懂，例子倒是蛮好懂的

Simple HTTPS

Since AndroidAnnotations 2.6

@HttpsClient

The @HttpsClient simplifies HTTPS requests by injecting a HttpClient instance with a configured KeyStore, TrustStore and Hostname Verification.

通过注入配置过 KeyStore ， TrustStore 和 Hostname Verification 的 HttpClient 实例， @HttpsClient 简化了HTTPS请求。

All parameters are optionals.

所有参数都是可选的。

Usage examples 用例

Mutual SSL authentication (two-way authentication) 相互SSL身份验证（双向身份验证）

Here is the complete form if you want to achieve Client Auth:

假如你想实现客户端身份验证，下面是完整的格式：

@HttpsClient(trustStore=R.raw.cacerts, trustStorePwd="changeit",keyStore=R.raw.client,keyStorePwd="secret",allowAllHostnames=false)
HttpClient httpsClient;

trustStore: int, Resource id of your trust store file ex R.raw.cacerts.bks Typically your servers trusted certificates (public key, Root Chain Authority etc)

trustStore:int类型，是你 trust store 文件中，比如 R.raw.cacerts.bks 的资源id。典型为你的服务器受信任的证书（公钥， Root Chain Authority 等等）
trustStorePwd: String, Your TrustStore password (default is changeit)

trustStorePwd: String类型，你的 TrustStore 密码（默认为 changeit ）
keyStore: int, Resource id of your keystore Usually your private key (client certificate)

keyStore: int类型，通常是你私钥的资源id（客户端证书）
keyStorePwd: Your KeyStore password (default is changeit)

keyStorePwd: 你的 KeyStore密码（默认是 changeit ）
allowAllHostnames: boolean, if true, authorizes any TLS/SSL hostname (default true) If false, Hostname in certificate (DN) must match the URL

allowAllHostnames:boolean类型，若为true，授权给任何主机名（默认为）；若为false；证书中的主机名（DN）必须匹配URL

Note: Prior to ICS, Android accept [Key|Trust]store only in BKS format (Bouncycastle Key Store)

注意：在ICS之前，Android只接受BKS格式 (Bouncycastle Key Store) 的 [Key|Trust]store

A simple SSL authentication 简单的SSL认证

This is useful if your remote server use a selfsigned certificate or a certificate issued by a private certificate authority

假如你的远程服务器使用selfsigned证书或者通过私有认证机构发布的证书，那么这种方法比较有用

@HttpsClient(trustStore=R.raw.mycacerts, trustStorePwd="changeit")
HttpClient httpsClient;

Default

If you do not specify a truststore file, the annotation will use the default android truststore located at /system/etc/security/cacerts.bks which allows you to connect to a server signed with one of the trusted root CAs (Thawte, verisign etc.)

假如你没有指定truststore文件，注解会使用默认的android truststore，它的路径为，允许你连接一个与受信任的根证书 (Thawte, verisign等) 签订过的服务器

@Https
ClientHttpClient httpsClient;

Complete Example 完整的例子

@EActivity
public class MyActivity extends Activity {
        @HttpsClient(trustStore=R.raw.cacerts,trustStorePwd="changeit", hostnameVerif=true)HttpClient httpsClient;@AfterInject@Backgroundpublic void securedRequest() {
        try {
        HttpGet httpget = new HttpGet("https://www.verisign.com/");HttpResponse response = httpsClient.execute(httpget);doSomethingWithResponse(response);} catch (Exception e) {
        e.printStackTrace();}}@UiThreadpublic void doSomethingWithResponse(HttpResponse resp) {
        Toast.makeText(this, "HTTP status " + resp.getStatusLine().getStatusCode(), Toast.LENGTH_LONG).show();}
}