一、Android
在\项目\node_modules\react-native\ReactAndroid\src\main\java\com\facebook\react\modules\network下,
一、添加HTTPSTrustManager.java文件:
package com.facebook.react.modules.network;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
/**
* Created by eyow on 2016/5/25.
*
* @添加HTTPS信任
*/
public class HTTPSTrustManager implements X509TrustManager {
private static final X509Certificate[] _AcceptedIssuers
= new X509Certificate[] {};
@Override
public void checkClientTrusted(X509Certificate[] x509Certificates, String s)
throws CertificateException {
// To change body of implemented methods use File | Settings | File
// Templates.
}
@Override
public void checkServerTrusted(X509Certificate[] x509Certificates, String s)
throws CertificateException {
// To change body of implemented methods use File | Settings | File
// Templates.
}
@Override public X509Certificate[] getAcceptedIssuers() {
return null;
}
public static SSLSocketFactory allowAllSSLSocketFactory() {
SSLSocketFactory sslSocketFactory = null;
try {
SSLContext sc= SSLContext.getInstance("TLS");
sc.init(null, new TrustManager[] { new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
}
@Override public X509Certificate[] getAcceptedIssuers() {
return _AcceptedIssuers;
}
} }, new SecureRandom());
sslSocketFactory = sc.getSocketFactory();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
return sslSocketFactory;
}
public static SSLSocketFactory buildSSLSocketFactory(InputStream inputStream) {
KeyStore keyStore = null;
try {
keyStore = buildKeyStore(inputStream);
} catch (KeyStoreException e) {
e.printStackTrace();
} catch (CertificateException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = null;
try {
tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyStoreException e) {
e.printStackTrace();
}
SSLContext sslContext = null;
try {
sslContext = SSLContext.getInstance("TLS");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
try {
sslContext.init(null, tmf.getTrustManagers(), null);
} catch (KeyManagementException e) {
e.printStackTrace();
}
return sslContext.getSocketFactory();
}
private static KeyStore buildKeyStore(InputStream inputStream)
throws KeyStoreException, CertificateException,
NoSuchAlgorithmException, IOException {
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
Certificate cert = readCert(inputStream);
keyStore.setCertificateEntry("ca", cert);
return keyStore;
}
private static Certificate readCert(InputStream inputStream) {
Certificate ca = null;
try {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
ca = cf.generateCertificate(inputStream);
} catch (CertificateException e) {
e.printStackTrace();
}
return ca;
}
}二、修改OkHttpClientProvider.java文件:
1、导入SSL相关包:
import javax.net.ssl.HostnameVerifier;import javax.net.ssl.SSLSocketFactory;import javax.net.ssl.SSLSession;
2、声明SSLSocketFactory
private static SSLSocketFactory sslSocketFactory;
3、修改 OkHttpClient.Builder代码
public static OkHttpClient.Builder createClientBuilder() {if (sslSocketFactory == null) {//要添加的代码sslSocketFactory = HTTPSTrustManager.allowAllSSLSocketFactory();}// No timeouts by defaultOkHttpClient.Builder client = new OkHttpClient.Builder().hostnameVerifier(new HostnameVerifier() {//要添加的代码public boolean verify(String hostname, SSLSession session) { return true;}}).sslSocketFactory(sslSocketFactory).connectTimeout(0, TimeUnit.MILLISECONDS).readTimeout(0, TimeUnit.MILLISECONDS).writeTimeout(0, TimeUnit.MILLISECONDS).cookieJar(new ReactCookieJarContainer());try {Class ConscryptProvider = Class.forName("org.conscrypt.OpenSSLProvider");Security.insertProviderAt( (Provider) ConscryptProvider.newInstance(), 1);return client;} catch (Exception e) {return enableTls12OnPreLollipop(client);}}二、ios
iOS端,通过查看fetch源码,在追踪到iOS代码发现其实fetch最后都是走的Native,在Liabraries->RCTNetwork中,具体代码
- (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler { completionHandler(NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]); }
