本文介绍了由于 HostnameVerifier 问题,Google 拒绝了应用的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
Updated my app to trust all certificates in volley for sdk 17 and below as volley works fine without hostname verifier for higher sdk. It worked fine but google rejected my app update saying
Your app(s) are using an unsafe implementation of the HostnameVerifier interface.
I am using the following code
TrustManager[] trustAllCertsc = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
} };
SSLContext scc = null;
try {
scc = SSLContext.getInstance("SSL");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
try {
scc.init(null, trustAllCertsc, new java.security.SecureRandom());
} catch (KeyManagementException e) {
e.printStackTrace();
}
HttpsURLConnection.setDefaultSSLSocketFactory(scc.getSocketFactory());
// Create all-trusting host name verifier
HostnameVerifier allHostsValidc = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
// Install the all-trusting host verifier
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValidc);
解决方案
Delete all of that code. You will fail multiple Play Store checks (HostnameVerifier
and an accept-all TrustManager
). Plus, the reason why the Play Store is rejecting your app is because, through this code, you are weakening app security.
这篇关于由于 HostnameVerifier 问题,Google 拒绝了应用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!
本站部分内容来源互联网,如果有图片或者内容侵犯您的权益请联系我们删除!