android - 从邮递员和 android 应用程序中访问 REST API 具有不同的行为

问题描述

当我点击 API 表单 POSTMAN 时，我能够得到响应。但是，当我使用代码“使用 Retrofit 的 Android 应用程序”时，出现以下错误：“java.security.cert.CertPathValidatorException：找不到证书路径的信任锚。”。

我曾尝试以下选项来解决问题。

1. 清单：android:usesCleartextTraffic="true" & android:networkSecurityConfig="@xml/network_security_config" 2.network_security_config.xml

<network-security-config> xmlns:android="http://schemas.android.com/apk/res/android">
    <base-config cleartextTrafficPermitted="true" />
</network-security-config>

3. using certificate: take ref from internet: object HttpClient { // 创建一个不验证证书链的信任管理器 val unsafeOkHttpClient: OkHttpClient

   // 安装全信任信任管理器

    // Create an ssl socket factory with our all-trusting manager
    get() = try {
        // Create a trust manager that does not validate certificate chains
        val trustAllCerts: Array<TrustManager> = arrayOf<TrustManager>(
            object : X509TrustManager {
                @Throws(CertificateException::class)
                override fun checkClientTrusted(
                    chain: Array<X509Certificate?>?,
                    authType: String?
                ) {
                }
   
                @Throws(CertificateException::class)
                override fun checkServerTrusted(
                    chain: Array<X509Certificate?>?,
                    authType: String?
                ) {
                }
   
                override fun getAcceptedIssuers(): Array<X509Certificate?>? {
                    return arrayOf()
                }
   
                /* override fun getAcceptedIssuers(): Array<X509Certificate> {
                    TODO("Not yet implemented")
                }*/
   
                /* val acceptedIssuers: Array<X509Certificate>
                     get() =  arrayOf(_AcceptedIssuers)*/
            }
        )
   
        // Install the all-trusting trust manager
        val sslContext: SSLContext = SSLContext.getInstance("SSL")
        sslContext.init(null, trustAllCerts, SecureRandom())
   
        // Create an ssl socket factory with our all-trusting manager
        val sslSocketFactory: SSLSocketFactory = sslContext.getSocketFactory()
        val builder = OkHttpClient.Builder()
        builder.sslSocketFactory(sslSocketFactory, trustAllCerts[0] as X509TrustManager)
        builder.hostnameVerifier(object : HostnameVerifier {
            override fun verify(hostname: String?, session: SSLSession?): Boolean {
                return true
            }
        })
            .connectTimeout(1, TimeUnit.MINUTES)
            .readTimeout(30, TimeUnit.SECONDS)
            .writeTimeout(15, TimeUnit.SECONDS)
        builder.build()
    } catch (e: Exception) {
        throw RuntimeException(e)
    }
   

我能够点击 API 并获得响应。有人能告诉我为什么服务器在从代码中访问 API 时要求证书吗？

提前致谢。

标签： androidamazon-s3retrofit2