Site is not sending the root CA in the bundle. For many standard web browsers, that won't matter, but the Android app / OS may not have the root CA in its local CA trust store. So, make sure the server side bundle includes the proper certs in the chain to the clients...
-- Regards, Kristian Erik Hermansen https://www.linkedin.com/in/kristianhermansen On Sep 15, 2014 11:54 PM, "Sudhakar Bedapudi" <[email protected]> wrote: > Thanks for the help. I checked the host at Qualys SSL Labs checker ,and > there are warnings represented in Orange color. > https://www.ssllabs.com/ssltest/analyze.html?d=crm.logos.net > > Does it mean the certificate is not valid for Android. > > On Tue, Sep 16, 2014 at 11:02 AM, Kristian Erik Hermansen < > [email protected]> wrote: > >> Also probably affects Chrome. Ensure you send the StartCom CA public key >> in the server chain bundle if the server is doing it wrong. You can check >> that by submitting the domain to the Qualys SSL Labs checker and look for >> anything in orange or red (bad server config)... >> >> -- >> Regards, >> >> Kristian Erik Hermansen >> https://www.linkedin.com/in/kristianhermansen >> On Sep 15, 2014 9:33 PM, "Sudhakar Bedapudi" <[email protected]> >> wrote: >> >>> My android app user is hosting his web server with the SSL certificate >>> provided by StartCom. >>> >>> When he try to access his server from the android app,he is getting the >>> following error. >>> javax.net.ssl.SSLPeerUnverifiedException no peer certificate. >>> >>> Are there any issues with StartCom Certificates in Android.please update >>> me. >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Android Security Discussions" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To post to this group, send email to >>> [email protected]. >>> Visit this group at >>> http://groups.google.com/group/android-security-discuss. >>> For more options, visit https://groups.google.com/d/optout. >>> >> > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/d/optout.
