Skip to content
HttpURLConnection SSL Pinning
Java Shell
Branch: master
Clone or download
Latest commit 422c54b May 1, 2018
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.idea add README.md May 2, 2018
app
gradle/wrapper Initial commit Apr 30, 2018
script add README.md May 2, 2018
.gitignore Initial commit Apr 30, 2018
README.md Update README.md May 2, 2018
build.gradle Initial commit Apr 30, 2018
gradle.properties Initial commit Apr 30, 2018
gradlew Initial commit Apr 30, 2018
gradlew.bat Initial commit Apr 30, 2018
settings.gradle Initial commit Apr 30, 2018

README.md

SSLPinning

HttpURLConnection透過憑證綁定方式作連線,在這是綁定Github的憑證,當使用Proxy(Ex. Charles)攔截傳輸內容時會無法正常連線。

Network Security Config

Android API 24以後才有的機制,利用script/cert.sh取得網站公鑰。

root@debian:~# ./script/cert.sh github.com
/businessCategory=Private Organization/1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Delaware/serialNumber=5157550/street=88 Colin P Kelly, Jr Street/postalCode=94107/C=US/ST=California/L=San Francisco/O=GitHub, Inc./CN=github.com
pL1+qb9HTMRZJmuC/bB/ZI9d302BYrrqiVuRyW+DGrU=
/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Extended Validation Server CA
RRM1dGqnDFsCJXBTHky16vi1obOlCgFFn/yOhI/y+ho=

將取得的公鑰加入network_security_config.xml

You can’t perform that action at this time.