先插一句。Google出的volley框架本身是支持https请求的，可是仅仅是针对有第三方机构认证过的。

假设自己随便在网上搞的一个证书，那volley是不支持请求的。

本文讲下怎样让volley支持自己搞的https证书。

改动volley源代码：com.android.myvolley.toolbox.HurlStack

   /**

     * Create an {@link HttpURLConnection} for the specified {@code url}.

     */

    protected HttpURLConnection createConnection(URL url) throws IOException {

        if (url.toString().contains("https")) {

            MyHttpsManager.allowAllSSL();

        }

        return (HttpURLConnection) url.openConnection();

    }

在HurlStack类中的createConnection方法中，做个过滤处理：

if (url.toString().contains("https")) {

            MyHttpsManager.allowAllSSL();

        }

直接贴代码啦。

import java.security.KeyManagementException;

import java.security.NoSuchAlgorithmException;

import java.security.SecureRandom;

import java.security.cert.CertificateException;

import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;

import javax.net.ssl.HttpsURLConnection;

import javax.net.ssl.SSLContext;

import javax.net.ssl.SSLSession;

import javax.net.ssl.TrustManager;

import javax.net.ssl.X509TrustManager;

public class MyHttpsManager implements X509TrustManager {

    private static TrustManager[] trustManagers;

    @Override

    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {

    }

    @Override

    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {

    }

    @Override

    public X509Certificate[] getAcceptedIssuers() {

        return new X509Certificate[0];

    }

    public static void allowAllSSL() {

        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {

            @Override

            public boolean verify(String arg0, SSLSession arg1) {

                // TODO Auto-generated method stub

                return true;

            }

        });

        SSLContext context = null;

        if (trustManagers == null) {

            trustManagers = new TrustManager[] { new MyHttpsManager() };

        }

        try {

            context = SSLContext.getInstance("TLS");

            context.init(null, trustManagers, new SecureRandom());

        } catch (NoSuchAlgorithmException e) {

            e.printStackTrace();

        } catch (KeyManagementException e) {

            e.printStackTrace();

        }

        HttpsURLConnection.setDefaultSSLSocketFactory(context

                .getSocketFactory());

    }

}

然后请求的时候在头里面加个什么鬼id。sign之类的，就能够和服务端通信了。

比如volley重写getHeaders方法：

public void sendRequest(int method, String url, JSONObject jsonRequest, final String sessionToken, final OnResponseListener listener,final OnErrorListener errorListener) {

        initUserAgent();

        JsonObjectRequest jsonObjectRequest = new JsonObjectRequest(method, url, jsonRequest, new Response.Listener<JSONObject>() {

            @Override

            public void onResponse(JSONObject response) {

                listener.onResponse(response);

            }

        }, new Response.ErrorListener() {

            @Override

            public void onErrorResponse(VolleyError error) {

                errorListener.onErrorResponse(error);

            }

        }){

            @Override

            public Map<String, String> getHeaders() throws AuthFailureError {

                HashMap<String, String> headers = new HashMap<String,String>();

                headers.put("Content-Type", "application/json");

                headers.put("x-app-id", APPID);

                headers.put("x-app-sign",SIGN);

                headers.put("x-session-token",sessionToken);

                headers.put("User-Agent",userAgent);

                return headers;

            }

        };

        Volley.newRequestQueue(context).add(jsonObjectRequest);

    }