Wrong keystore version could mean that you do not use the BKS format but JKS. I had to write a converter:
package org.webpki.tools; import java.io.FileInputStream; import java.io.FileOutputStream; import java.util.Enumeration; import java.security.KeyStore; import java.security.Key; import java.security.Security; import java.security.cert.Certificate; import org.bouncycastle.jce.provider.BouncyCastleProvider; public class JKS2BKSConverter { public static void main (String argv[]) throws Exception { if (argv.length != 4) { System.out.println (JKS2BKSConverter.class.getName () + " jksfile bksfile/-same storepass keypass"); System.exit (3); } Security.addProvider (new BouncyCastleProvider ()); KeyStore jks = KeyStore.getInstance ("JKS"); jks.load (new FileInputStream (argv[0]), argv[2].toCharArray ()); KeyStore bks = KeyStore.getInstance ("BKS"); bks.load (null, null); Enumeration<String> aliases = jks.aliases (); while (aliases.hasMoreElements ()) { String alias = aliases.nextElement (); if (jks.isKeyEntry (alias)) { Certificate[] chain = jks.getCertificateChain (alias); Key key = jks.getKey (alias, argv[3].toCharArray ()); bks.setKeyEntry (alias, key, argv[3].toCharArray (), chain); } else if (jks.isCertificateEntry (alias)) { Certificate certificate = jks.getCertificate (alias); bks.setCertificateEntry (alias, certificate); } else { throw new Exception ("Bad KS"); } } bks.store (new FileOutputStream (argv[1].equals ("-same") ? argv[0] : argv[1]), argv[2].toCharArray ()); } } On Nov 5, 9:02 am, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote: > Yes that's what I see everywhere. but, i can't change my API or > cartificate... > So I'm destine to search & search solution... > > I try to put a certificate in keystore, and to load it from my app. > but i have an IOexception : Wrong verion of Key Store. > I really don't understand. > > Source : > KeyStore trustStore = > KeyStore.getInstance(KeyStore.getDefaultType());// > KeyStore.getDefaultType() > FileInputStream in = new FileInputStream(new File("data/data/ > com.alu.myic.android/my.trustore3")); > try { > trustStore.load(in, "coucou".toCharArray());} finally { > in.close(); > } > > SSLSocketFactory socketFactory = new SSLSocketFactory(trustStore); > SchemeRegistry registry = new SchemeRegistry(); > registry.register(new Scheme("https", socketFactory, 443)); > > regards, > SC > > On 4 nov, 10:09, "Guillaume Perrot" <[EMAIL PROTECTED]> wrote: > > > > > We have a trusted one at our software company which is working but I wanted > > to add an option to trust self signed certificate in the application. > > I still don't have a solution for that, except using URLConnection API which > > works well with the AllowAllHostnameVerifier. Theproblemis with the > >HTTPClientAPI. > > > 2008/11/4 [EMAIL PROTECTED] <[EMAIL PROTECTED]> > > > > have you success yourhttpsconnection? > > > I don't know how to do with the not trusted certificate. > > > > thx > > > > On 23 oct, 09:23, Guillaume Perrot <[EMAIL PROTECTED]> wrote: > > > > Caused by: > > > > java.security.cert.CertPathValidatorException: TrustAnchor for > > > > CertPath not found. > > > > > On 23 oct, 10:20, "Guillaume Perrot" <[EMAIL PROTECTED]> wrote: > > > > > > Yes I had, though it's not in my sample code. > > > > > The verification that fails is not the hostname, but later when > > > checking the > > > > > certificate. > > > > > And I didn't find a class such as "AllowAllSelfSignedCertificates". > > > > > > 2008/10/23 Sean Sullivan <[EMAIL PROTECTED]> > > > > > > > Have you tried using > > > > > > org.apache.http.conn.ssl.AllowAllHostnameVerifier ? > > > >http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/module-c... > > > > > > > Sean > > > > > > > On Oct 17, 7:07 am, Guillaume Perrot <[EMAIL PROTECTED]> > > > wrote: > > > > > > > On android 1.0 I tried to connect to myhttpsserver which uses a > > > self- > > > > > > > signed certificate: > > > > > > > Here is my code, which uses a custom hostname verifier: > > > > > > > /* Create and initialize HTTP parameters */ > > > > > > > HttpParams params = new BasicHttpParams(); > > > > > > > ConnManagerParams.setMaxTotalConnections(params, 2); > > > > > > > HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); > > > > > > > > /* Create and initialize scheme registry */ > > > > > > > SchemeRegistry schemeRegistry = new SchemeRegistry(); > > > > > > > schemeRegistry.register(new Scheme("http", PlainSocketFactory > > > > > > > .getSocketFactory(), 80)); > > > > > > > SSLSocketFactory sslSocketFactory = > > > > > > > SSLSocketFactory.getSocketFactory(); > > > > > > > sslSocketFactory.setHostnameVerifier(new > > > > > > > X509HostnameVerifier() > > > > > > > { > > > > > > > @Override > > > > > > > public boolean verify(String host, SSLSession session) > > > > > > > { > > > > > > > return true; > > > > > > > } > > > > > > > > @Override > > > > > > > public void verify(String host, SSLSocket ssl) throws > > > > > > > IOException > > > > > > > { > > > > > > > /* Nothing to do */ > > > > > > > } > > > > > > > > @Override > > > > > > > public void verify(String host, X509Certificate cert) throws > > > > > > > SSLException > > > > > > > { > > > > > > > /* Nothing to do */ > > > > > > > } > > > > > > > > @Override > > > > > > > public void verify(String host, String[] cns, String[] > > > > > > > subjectAlts) > > > > > > > throws SSLException > > > > > > > { > > > > > > > /* Nothing to do */ > > > > > > > } > > > > > > > }); > > > > > > > schemeRegistry.register(new Scheme("https", sslSocketFactory, > > > > > > > 443)); > > > > > > > > /* Allow multiple threads (two in our case) to access the HTTP > > > > > > > client */ > > > > > > > ClientConnectionManager cm = new > > > > > > > ThreadSafeClientConnManager(params, > > > > > > > schemeRegistry); > > > > > > > mHttpClient = new DefaultHttpClient(cm, params); > > > > > > > > try > > > > > > > { > > > > > > > HttpGet ping = new HttpGet(mConnectionManagerURL); > > > > > > > HttpResponse response = mHttpClient.execute(ping); > > > > > > > HttpEntity entity = response.getEntity(); > > > > > > > if (entity != null) > > > > > > > entity.consumeContent(); > > > > > > > } > > > > > > > catch (IOException ioe) > > > > > > > { > > > > > > > ioe.printStackTrace(); > > > > > > > shutdown(); > > > > > > > throw ioe; > > > > > > > } > > > > > > > catch (Exception e) > > > > > > > { > > > > > > > e.printStackTrace(); > > > > > > > shutdown(); > > > > > > > throw new IOException(e.getMessage()); > > > > > > > } > > > > > > > > I have the following exception in stack trace: > > > > > > > > 10-17 13:46:23.484: ERROR/ubikim-streams(783): > > > > > > > javax.net.ssl.SSLException: Not trusted server certificate > > > > > > > 10-17 13:46:23.554: ERROR/ubikim-streams(783): at > > > > org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java: > > > > > > > 353) > > > > > > > 10-17 13:46:23.654: ERROR/ubikim-streams(783): at > > > > > > > org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl > > > > > > > $SSLInputStream.<init>(OpenSSLSocketImpl.java:491) > > > > > > > 10-17 13:46:23.704: ERROR/ubikim-streams(783): at > > > > org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java: > > > > > > > 432) > > > > > > > 10-17 13:46:23.784: ERROR/ubikim-streams(783): at > > > > org.apache.http.impl.io.SocketInputBuffer.<init>(SocketInputBuffer.java: > > > > > > > 93) > > > > > > > 10-17 13:46:23.844: ERROR/ubikim-streams(783): at > > > > org.apache.http.impl.SocketHttpClientConnection.createSessionInputBuffer(SocketHttpClientConnection.java: > > > > > > > 83) > > > > > > > 10-17 13:46:23.894: ERROR/ubikim-streams(783): at > > > > org.apache.http.impl.conn.DefaultClientConnection.createSessionInputBuffer(DefaultClientConnection.java: > > > > > > > 170) > > > > > > > 10-17 13:46:23.944: ERROR/ubikim-streams(783): at > > > > org.apache.http.impl.SocketHttpClientConnection.bind(SocketHttpClientConnection.java: > > > > > > > 106) > > > > > > > 10-17 13:46:24.035: ERROR/ubikim-streams(783): at > > > > org.apache.http.impl.conn.DefaultClientConnection.openCompleted(DefaultClientConnection.java: > > > > > > > 129) > > > > > > > 10-17 13:46:24.085: ERROR/ubikim-streams(783): at > > > > org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java: > > > > > > > 136) > > > > > > > 10-17 13:46:24.135: ERROR/ubikim-streams(783): at > > > > org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java: > > > > > > > 164) > > > > > > > 10-17 13:46:24.185: ERROR/ubikim-streams(783): at > > > > org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java: > > > > > > > 119) > > > > > > > 10-17 13:46:24.275: ERROR/ubikim-streams(783): at > > > > org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java: > > > > > > > 348) > > > > > > > 10-17 13:46:24.325: ERROR/ubikim-streams(783): at > > > > org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java: > > > > > > > 555) > > > > > > > 10-17 13:46:24.375: ERROR/ubikim-streams(783): at > > > > org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java: > > > > > > > 487) > > > > > > > 10-17 13:46:24.425: ERROR/ubikim-streams(783): at > > > > org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java: > > > > > > > 465) > > > > > > > 10-17 13:46:24.504: ERROR/ubikim-streams(783): at > > > > > > > com.ubikod.smackx.bosh.BoshSession.<init>(BoshSession.java:105) > > > > > > > 10-17 13:46:24.554: ERROR/ubikim-streams(783): at > > > > > > > com.ubikod.smackx.bosh.BoshSocket.<init>(BoshSocket.java:15) > > > > > > > 10-17 13:46:24.594: ERROR/ubikim-streams(783): at > > > > com.ubikod.smackx.bosh.BoshSocketFactory.createSocket(BoshSocketFactory.java: > > > > > > > 27) > > > > > > > 10-17 13:46:24.644: ERROR/ubikim-streams(783): at > > > > org.jivesoftware.smack.XMPPConnection.connectUsingConfiguration(XMPPConnection.java: > > > > > > > 818) > > > > > > > 10-17 13:46:24.734: ERROR/ubikim-streams(783): at > > > > > > > org.jivesoftware.smack.XMPPConnection.connect(XMPPConnection.java: > > > > > > > 1276) > > > > > > > 10-17 13:46:24.774: ERROR/ubikim-streams(783): at > > > > > > > com.ubikod.android.ubikim.service.UbikIMService > > > > > > > $1.run(UbikIMService.java:476) > > > > > > > 10-17 13:46:24.844: ERROR/ubikim-streams(783): Caused by: > > > > > > > java.security.cert.CertificateException: > > > > > > > java.security.cert.CertPathValidatorException: TrustAnchor for > > > > > > > CertPath not found. > > > > > > > 10-17 13:46:24.945: ERROR/ubikim-streams(783): at > > > > org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java: > > > > > > > 158) > > > > > > > 10-17 13:46:25.005: ERROR/ubikim-streams(783): at > > > > org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java: > > > > > > > 349) > > > > > > > 10-17 13:46:25.035: ERROR/ubikim-streams(783): > > ... > > read more »- Hide quoted text - > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---