SSL certificate with picasso
I am using Picasso for image caching. Our database recently switched to HTTPS using a self-signed certificate as authentication. I used the khandroid library to create an HTTP client that binds certificates with every request; basically following this example.
http://ogrelab.ikratko.com/using-android-volley-with-self-signed-certificate/
Now I need to apply this same concept to Picasso, but I don't know how to change Picasso's single-land to use pinned SSL certificates.
+3
source to share
1 answer
It turns out I was just looking in the wrong direction. I tried to change OkHttpDownloader but I needed to change OkHttpClient. Here's some sample code.
public static Picasso getInstance(Context context) {
if (sPicasso == null) {
InputStream keyStore = context.getResources().openRawResource(R.raw.my_keystore);
Picasso.Builder builder = new Picasso.Builder(context);
OkHttpClient okHttpClient = new OkHttpClient();
SSLContext sslContext;
try {
sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, new TrustManager[]{new SsX509TrustManager(keyStore, password)}, null);
okHttpClient.setSslSocketFactory(sslContext.getSocketFactory());
OkHttpDownloader okHttpDownloader = new OkHttpDownloader(okHttpClient);
builder.downloader(okHttpDownloader);
sPicasso = builder.build();
} catch (NoSuchAlgorithmException e) {
throw new IllegalStateException("Failure initializing default SSL context", e);
} catch (KeyManagementException e) {
throw new IllegalStateException("Failure initializing default SSL context", e);
} catch (GeneralSecurityException e) {
e.printStackTrace();
}
}
return sPicasso;
}
+6
source to share