How to do an HTTPS POST from Android?

by

You can use the default CAs that are defined in the android device, which is just fine for any public web.

If you have a self-signed certificate, you can either accept all certificates (risky, open to man-in-the-middle attacks) or create your own TrustManagerFactory, which is a bit out of this scope.

Here’s some code to use the default CAs for a https POST call:

private InputStream getInputStream(String urlStr, String user, String password) throws IOException
{
    URL url = new URL(urlStr);
    HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();

    // Create the SSL connection
    SSLContext sc;
    sc = SSLContext.getInstance("TLS");
    sc.init(null, null, new java.security.SecureRandom());
    conn.setSSLSocketFactory(sc.getSocketFactory());
      
    // Use this if you need SSL authentication
    String userpass = user + ":" + password;
    String basicAuth = "Basic " + Base64.encodeToString(userpass.getBytes(), Base64.DEFAULT);
    conn.setRequestProperty("Authorization", basicAuth);
    
    // set Timeout and method
    conn.setReadTimeout(7000);
    conn.setConnectTimeout(7000);
    conn.setRequestMethod("POST");
    conn.setDoInput(true);
    
    // Add any data you wish to post here
    
    conn.connect();
    return conn.getInputStream();
}

To read the response:

String result = new String();
InputStream is = getInputStream(urlStr, user, password);
BufferedReader in = new BufferedReader(new InputStreamReader(is));
String inputLine;
while ((inputLine = in.readLine()) != null) {
    result += inputLine;            
}

More Related Contents:

  1. Enabling specific SSL protocols with Android WebViewClient
  2. How to override the cipherlist sent to the server by Android when using HttpsURLConnection?
  3. javax.net.ssl.SSLException: SSL handshake aborted Connection reset by peer while calling webservice Android
  4. Android SSL HttpGet (No peer certificate) error OR (Connection closed by peer) error
  5. Resolving javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed Error?
  6. Accept server’s self-signed ssl certificate in Java client
  7. Java: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  8. Https Connection Android
  9. Java HTTPS client certificate authentication
  10. why doesn’t java send the client certificate during SSL handshake?
  11. How to handle invalid SSL certificates with Apache HttpClient? [duplicate]
  12. Secure HTTP Post in Android
  13. How to create a BKS (BouncyCastle) format Java Keystore that contains a client certificate chain
  14. HTTPS GET (SSL) with Android and self-signed server certificate
  15. How to disable SSLv3 in android for HttpsUrlConnection?
  16. java – ignore expired ssl certificate
  17. SSLHandshakeException: No subject alternative names present
  18. HttpGet with HTTPS : SSLPeerUnverifiedException
  19. javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found
  20. Disable SSL certificate check in retrofit library
  21. How to force java server to accept only tls 1.2 and reject tls 1.0 and tls 1.1 connections
  22. Problems connecting via HTTPS/SSL through own Java client
  23. Java and HTTPS url connection without downloading certificate
  24. Whats an easy way to totally ignore ssl with java url connections?
  25. How can I know if the request to the servlet was executed using HTTP or HTTPS?
  26. Java SSLException: hostname in certificate didn’t match
  27. OkHttp javax.net.ssl.SSLPeerUnverifiedException: Hostname domain.com not verified
  28. Problems with https (No peer certificate) in android
  29. How Can I Access an SSL Connection Through Android?
  30. Java HttpsURLConnection and TLS 1.2

Leave a Comment