Sorry, I accidentally typed Verizon when I meant to type Verisign. I will round up the list of devices/versions everyone has tested on. I am not the OP, so the Android 1.6 does not apply to me.
My phone is 2.3.6 Gingerbread.UCLA3. I did not trap the network traffic on my phone, but I have the same behavior as the phone that did trap the network traffic. I will post that phone's version later. I need to support versions prior to 2.3, so I am interested in suggestions to solve this problem by changes to the server configuration. I cannot tell my users to update their phones. I will post more information after I gather it from the other people working on this problem. -- potter On Wed, Jun 20, 2012 at 2:28 PM, Brian Carlstrom <[email protected]> wrote: > I guessing that the "Android 1.6" in the user agent string implies a Donut > device. It is very possible that CA is not trusted. I did a major update to > the CA list in 2.3 Gingerbread. Have you tested in new releases in the > Android SDK emulator to see if that is the problem? If the CA truly is > Verizon, I don't think any stock Android device has trusted such as CA, > although its possible your Verizon provide server certificate is issued by a > trusted CA. > > -bri > > On Wed, Jun 20, 2012 at 4:46 AM, Michael Potter <[email protected]> wrote: >> >> I am getting this same error while doing a https POST to a SOAP service in >> javascript. >> I am using iphonegap to package the html/js into a android .apk file. >> >> This is only a problem on Android, iOS and Adobe Air do not have problem >> accessing the service. >> Our server certificate came from Verizon. >> >> Was there any resolution to the error below? >> >> -- >> potter >> >> On Monday, May 10, 2010 6:57:25 AM UTC-4, mikiso wrote: >>> >>> Hi, >>> >>> When I access a website(mail.myserver.com) from default browser, >>> android shows a message like >>> "browser cannot establish secure connection" and then aborted. >>> I took tcp packets between a browser of Android SDK and the server. >>> >>> Server → Client : Certificate, Server Hello Done >>> Client → Server : Client Key Exchange, Change Cipher Spec, Encrypted >>> Handshake Message >>> Server → Client : Change Cipher Spec, Encrypted Handshake Message >>> Client → Server : [ACK] >>> Client → Server : Encrypted Alert >>> Client → Server : [FIN, ACK] >>> Server → Client : [FIN, ACK] >>> >>> It seemes that the Android browser send an error as "Encrypted Alert" >>> to the server. >>> >>> FYI,the certificate of the server defines "mail.myserver.com" as CN >>> and the following DNS >>> names as subject alternative name. >>> * pop.myserver.com >>> * mail.myserver.com >>> * imap.myserver.com >>> >>> I don't know if this is related to the case, but I can access site >>> with a simple certificate and >>> at that time client can send "Application Data" to the Server >>> instead of "Encrypted Alert. >>> >>> Has anyone faced the same problem? >>> All of the android phones launched in Japan is affected by this >>> problem. >>> One of the user-agent of the default browser is: >>> Mozilla/5.0 (Linux; U; Android 1.6; ja-jp; SonyEricssonSO-01B Build/ >>> R1EA018) AppleWebKit/528.5+ (KHTML, like Gecko) Version/3.1.2 Mobile >>> Safari/525.20.1 >>> >>> Regards, >>> Soichiro Miki >>> Hitachisoft Zimbra Support >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Android Security Discussions" group. >> To view this discussion on the web visit >> https://groups.google.com/d/msg/android-security-discuss/-/3PpbvQ0ldDIJ. >> To post to this group, send email to >> [email protected]. >> To unsubscribe from this group, send email to >> [email protected]. >> For more options, visit this group at >> http://groups.google.com/group/android-security-discuss?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
