解決Android7.0 以上系統無法使用工具抓包問題
-
1 在res/xml 夾下新建 network_security_config.xml 文件
-
2 在 network_security_config.xml 文件中輸入以下內容:
<?xml version="1.0" encoding="utf-8"?> <network-security-config> <base-config cleartextTrafficPermitted="true" /> <debug-overrides> <trust-anchors> <certificates overridePins="true" src="system" /> <certificates overridePins="true" src="user" /> </trust-anchors> </debug-overrides> </network-security-config>
重點: overridePins="true"
屬性不能少。
-
3 在清單文件(AndroidManifest.xml)中引用network_security_config.xml 文件
<application ... android:networkSecurityConfig="@xml/network_security_config" android:theme="@style/AppTheme"> ... </application>
經過以上步驟即可解決Android7.0以上系統無法抓包問題。
如果經過上述步驟,在部分手機上還是不能實現抓包,那麼可以使OkHttp強制信任所有證書
-
新建工具類
public class OkHttpSslUtils { public static SSLSocketFactory createSSLSocketFactory() { SSLSocketFactory sSLSocketFactory = null; try { SSLContext sc = SSLContext.getInstance("TLS"); sc.init(null, new TrustManager[]{new TrustAllManager()}, new SecureRandom()); sSLSocketFactory = sc.getSocketFactory(); } catch (Exception e) { } return sSLSocketFactory; } public static class TrustAllManager implements X509TrustManager { @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } }
}
-
使用
OkHttpClient.Builder httpClientBuilder = new OkHttpClient.Builder();
httpClientBuilder
.sslSocketFactory(OkhttpSslUtils.createSSLSocketFactory(), new OkhttpSslUtils.TrustAllManager()) // OkHttp抓包問題,強制Okhttp信任所有證書
.connectTimeout(MAX_TIME_OUT, TimeUnit.SECONDS)
.readTimeout(MAX_TIME_OUT, TimeUnit.SECONDS)
.writeTimeout(MAX_TIME_OUT, TimeUnit.SECONDS);