We have a trusted one at our software company which is working but I wanted to add an option to trust self signed certificate in the application. I still don't have a solution for that, except using URLConnection API which works well with the AllowAllHostnameVerifier. The problem is with the HTTPClient API.
2008/11/4 [EMAIL PROTECTED] <[EMAIL PROTECTED]> > > have you success your https connection? > I don't know how to do with the not trusted certificate. > > thx > > On 23 oct, 09:23, Guillaume Perrot <[EMAIL PROTECTED]> wrote: > > Caused by: > > java.security.cert.CertPathValidatorException: TrustAnchor for > > CertPath not found. > > > > On 23 oct, 10:20, "Guillaume Perrot" <[EMAIL PROTECTED]> wrote: > > > > > Yes I had, though it's not in my sample code. > > > The verification that fails is not the hostname, but later when > checking the > > > certificate. > > > And I didn't find a class such as "AllowAllSelfSignedCertificates". > > > > > 2008/10/23 Sean Sullivan <[EMAIL PROTECTED]> > > > > > > Have you tried using > > > > org.apache.http.conn.ssl.AllowAllHostnameVerifier ? > > > > > > > http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/module-c... > > > > > > Sean > > > > > > On Oct 17, 7:07 am, Guillaume Perrot <[EMAIL PROTECTED]> > wrote: > > > > > On android 1.0 I tried to connect to myhttpsserver which uses a > self- > > > > > signed certificate: > > > > > Here is my code, which uses a custom hostname verifier: > > > > > /* Create and initialize HTTP parameters */ > > > > > HttpParams params = new BasicHttpParams(); > > > > > ConnManagerParams.setMaxTotalConnections(params, 2); > > > > > HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); > > > > > > > /* Create and initialize scheme registry */ > > > > > SchemeRegistry schemeRegistry = new SchemeRegistry(); > > > > > schemeRegistry.register(new Scheme("http", PlainSocketFactory > > > > > .getSocketFactory(), 80)); > > > > > SSLSocketFactory sslSocketFactory = > > > > > SSLSocketFactory.getSocketFactory(); > > > > > sslSocketFactory.setHostnameVerifier(new X509HostnameVerifier() > > > > > { > > > > > @Override > > > > > public boolean verify(String host, SSLSession session) > > > > > { > > > > > return true; > > > > > } > > > > > > > @Override > > > > > public void verify(String host, SSLSocket ssl) throws > > > > > IOException > > > > > { > > > > > /* Nothing to do */ > > > > > } > > > > > > > @Override > > > > > public void verify(String host, X509Certificate cert) throws > > > > > SSLException > > > > > { > > > > > /* Nothing to do */ > > > > > } > > > > > > > @Override > > > > > public void verify(String host, String[] cns, String[] > > > > > subjectAlts) > > > > > throws SSLException > > > > > { > > > > > /* Nothing to do */ > > > > > } > > > > > }); > > > > > schemeRegistry.register(new Scheme("https", sslSocketFactory, > > > > > 443)); > > > > > > > /* Allow multiple threads (two in our case) to access the HTTP > > > > > client */ > > > > > ClientConnectionManager cm = new > > > > > ThreadSafeClientConnManager(params, > > > > > schemeRegistry); > > > > > mHttpClient = new DefaultHttpClient(cm, params); > > > > > > > try > > > > > { > > > > > HttpGet ping = new HttpGet(mConnectionManagerURL); > > > > > HttpResponse response = mHttpClient.execute(ping); > > > > > HttpEntity entity = response.getEntity(); > > > > > if (entity != null) > > > > > entity.consumeContent(); > > > > > } > > > > > catch (IOException ioe) > > > > > { > > > > > ioe.printStackTrace(); > > > > > shutdown(); > > > > > throw ioe; > > > > > } > > > > > catch (Exception e) > > > > > { > > > > > e.printStackTrace(); > > > > > shutdown(); > > > > > throw new IOException(e.getMessage()); > > > > > } > > > > > > > I have the following exception in stack trace: > > > > > > > 10-17 13:46:23.484: ERROR/ubikim-streams(783): > > > > > javax.net.ssl.SSLException: Not trusted server certificate > > > > > 10-17 13:46:23.554: ERROR/ubikim-streams(783): at > > > > > > > org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java: > > > > > 353) > > > > > 10-17 13:46:23.654: ERROR/ubikim-streams(783): at > > > > > org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl > > > > > $SSLInputStream.<init>(OpenSSLSocketImpl.java:491) > > > > > 10-17 13:46:23.704: ERROR/ubikim-streams(783): at > > > > > > > org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java: > > > > > 432) > > > > > 10-17 13:46:23.784: ERROR/ubikim-streams(783): at > > > > > > org.apache.http.impl.io.SocketInputBuffer.<init>(SocketInputBuffer.java: > > > > > 93) > > > > > 10-17 13:46:23.844: ERROR/ubikim-streams(783): at > > > > > > > org.apache.http.impl.SocketHttpClientConnection.createSessionInputBuffer(SocketHttpClientConnection.java: > > > > > 83) > > > > > 10-17 13:46:23.894: ERROR/ubikim-streams(783): at > > > > > > > org.apache.http.impl.conn.DefaultClientConnection.createSessionInputBuffer(DefaultClientConnection.java: > > > > > 170) > > > > > 10-17 13:46:23.944: ERROR/ubikim-streams(783): at > > > > > > > org.apache.http.impl.SocketHttpClientConnection.bind(SocketHttpClientConnection.java: > > > > > 106) > > > > > 10-17 13:46:24.035: ERROR/ubikim-streams(783): at > > > > > > > org.apache.http.impl.conn.DefaultClientConnection.openCompleted(DefaultClientConnection.java: > > > > > 129) > > > > > 10-17 13:46:24.085: ERROR/ubikim-streams(783): at > > > > > > > org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java: > > > > > 136) > > > > > 10-17 13:46:24.135: ERROR/ubikim-streams(783): at > > > > > > org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java: > > > > > 164) > > > > > 10-17 13:46:24.185: ERROR/ubikim-streams(783): at > > > > > > > org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java: > > > > > 119) > > > > > 10-17 13:46:24.275: ERROR/ubikim-streams(783): at > > > > > > > org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java: > > > > > 348) > > > > > 10-17 13:46:24.325: ERROR/ubikim-streams(783): at > > > > > > > org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java: > > > > > 555) > > > > > 10-17 13:46:24.375: ERROR/ubikim-streams(783): at > > > > > > > org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java: > > > > > 487) > > > > > 10-17 13:46:24.425: ERROR/ubikim-streams(783): at > > > > > > > org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java: > > > > > 465) > > > > > 10-17 13:46:24.504: ERROR/ubikim-streams(783): at > > > > > com.ubikod.smackx.bosh.BoshSession.<init>(BoshSession.java:105) > > > > > 10-17 13:46:24.554: ERROR/ubikim-streams(783): at > > > > > com.ubikod.smackx.bosh.BoshSocket.<init>(BoshSocket.java:15) > > > > > 10-17 13:46:24.594: ERROR/ubikim-streams(783): at > > > > > > > com.ubikod.smackx.bosh.BoshSocketFactory.createSocket(BoshSocketFactory.java: > > > > > 27) > > > > > 10-17 13:46:24.644: ERROR/ubikim-streams(783): at > > > > > > > org.jivesoftware.smack.XMPPConnection.connectUsingConfiguration(XMPPConnection.java: > > > > > 818) > > > > > 10-17 13:46:24.734: ERROR/ubikim-streams(783): at > > > > > org.jivesoftware.smack.XMPPConnection.connect(XMPPConnection.java: > > > > > 1276) > > > > > 10-17 13:46:24.774: ERROR/ubikim-streams(783): at > > > > > com.ubikod.android.ubikim.service.UbikIMService > > > > > $1.run(UbikIMService.java:476) > > > > > 10-17 13:46:24.844: ERROR/ubikim-streams(783): Caused by: > > > > > java.security.cert.CertificateException: > > > > > java.security.cert.CertPathValidatorException: TrustAnchor for > > > > > CertPath not found. > > > > > 10-17 13:46:24.945: ERROR/ubikim-streams(783): at > > > > > > > org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java: > > > > > 158) > > > > > 10-17 13:46:25.005: ERROR/ubikim-streams(783): at > > > > > > > org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java: > > > > > 349) > > > > > 10-17 13:46:25.035: ERROR/ubikim-streams(783): ... 20 more > > > > > 10-17 13:46:25.095: ERROR/ubikim-streams(783): Caused by: > > > > > java.security.cert.CertPathValidatorException: TrustAnchor for > > > > > CertPath not found. > > > > > 10-17 13:46:25.205: ERROR/ubikim-streams(783): at > > > > > > > org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi.engineValidate(PKIXCertPathValidatorSpi.java: > > > > > 144) > > > > > 10-17 13:46:25.245: ERROR/ubikim-streams(783): at > > > > > > java.security.cert.CertPathValidator.validate(CertPathValidator.java: > > > > > 153) > > > > > 10-17 13:46:25.305: ERROR/ubikim-streams(783): at > > > > > > > org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java: > > > > > 154) > > > > > 10-17 13:46:25.335: ERROR/ubikim-streams(783): ... 21 more > > > > > > > The code of my custom hostname verifier is called, but another > check > > > > > fails later and I didn't find a way to override this behavior. > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---
