android - Getting SSLHandshakeException when trying to acces https url -

-

i'm trying access https url through android app , getting javax.net.ssl.sslhandshakeexception: java.security.cert.certpathvalidatorexception: trust anchor certification path not found.

exception is:

06-10 14:18:37.083: w/system.err(28459): javax.net.ssl.sslhandshakeexception: java.security.cert.certpathvalidatorexception: trust anchor certification path not found. 06-10 14:18:37.083: w/system.err(28459):    @ org.apache.harmony.xnet.provider.jsse.opensslsocketimpl.starthandshake(opensslsocketimpl.java:399) 06-10 14:18:37.083: w/system.err(28459):    @ libcore.net.http.httpconnection.setupsecuresocket(httpconnection.java:211) 06-10 14:18:37.083: w/system.err(28459):    @ libcore.net.http.httpsurlconnectionimpl$httpsengine.makesslconnection(httpsurlconnectionimpl.java:478) 06-10 14:18:37.083: w/system.err(28459):    @ libcore.net.http.httpsurlconnectionimpl$httpsengine.connect(httpsurlconnectionimpl.java:433) 06-10 14:18:37.083: w/system.err(28459):    @ libcore.net.http.httpengine.sendsocketrequest(httpengine.java:289) 06-10 14:18:37.083: w/system.err(28459):    @ libcore.net.http.httpengine.sendrequest(httpengine.java:239) 06-10 14:18:37.093: w/system.err(28459):    @ libcore.net.http.httpurlconnectionimpl.connect(httpurlconnectionimpl.java:80) 06-10 14:18:37.093: w/system.err(28459):    @ libcore.net.http.httpsurlconnectionimpl.connect(httpsurlconnectionimpl.java:165) 06-10 14:18:37.093: w/system.err(28459):    @ com.virinchi.activity.loginactivity$signeddownloadmanager.doinbackground(loginactivity.java:542) 06-10 14:18:37.093: w/system.err(28459):    @ com.virinchi.activity.loginactivity$signeddownloadmanager.doinbackground(loginactivity.java:1) 06-10 14:18:37.093: w/system.err(28459):    @ android.os.asynctask$2.call(asynctask.java:287) 06-10 14:18:37.093: w/system.err(28459):    @ java.util.concurrent.futuretask$sync.innerrun(futuretask.java:305) 06-10 14:18:37.093: w/system.err(28459):    @ java.util.concurrent.futuretask.run(futuretask.java:137) 06-10 14:18:37.093: w/system.err(28459):    @ android.os.asynctask$serialexecutor$1.run(asynctask.java:230) 06-10 14:18:37.093: w/system.err(28459):    @ java.util.concurrent.threadpoolexecutor.runworker(threadpoolexecutor.java:1076) 06-10 14:18:37.093: w/system.err(28459):    @ java.util.concurrent.threadpoolexecutor$worker.run(threadpoolexecutor.java:569) 06-10 14:18:37.093: w/system.err(28459):    @ java.lang.thread.run(thread.java:856) 06-10 14:18:37.093: w/system.err(28459): caused by: java.security.cert.certificateexception: java.security.cert.certpathvalidatorexception: trust anchor certification path not found. 06-10 14:18:37.093: w/system.err(28459):    @ org.apache.harmony.xnet.provider.jsse.trustmanagerimpl.checktrusted(trustmanagerimpl.java:192) 06-10 14:18:37.093: w/system.err(28459):    @ org.apache.harmony.xnet.provider.jsse.trustmanagerimpl.checkservertrusted(trustmanagerimpl.java:163) 06-10 14:18:37.093: w/system.err(28459):    @ org.apache.harmony.xnet.provider.jsse.opensslsocketimpl.verifycertificatechain(opensslsocketimpl.java:598) 06-10 14:18:37.093: w/system.err(28459):    @ org.apache.harmony.xnet.provider.jsse.nativecrypto.ssl_do_handshake(native method) 06-10 14:18:37.093: w/system.err(28459):    @ org.apache.harmony.xnet.provider.jsse.opensslsocketimpl.starthandshake(opensslsocketimpl.java:396) 06-10 14:18:37.093: w/system.err(28459):    ... 16 more 06-10 14:18:37.093: w/system.err(28459): caused by: java.security.cert.certpathvalidatorexception: trust anchor certification path not found. 06-10 14:18:37.103: w/system.err(28459):    ... 21 more 06-10 14:18:37.133: w/system.err(28459): javax.net.ssl.sslhandshakeexception: java.security.cert.certpathvalidatorexception: trust anchor certification path not found. 06-10 14:18:37.133: w/system.err(28459):    @ org.apache.harmony.xnet.provider.jsse.opensslsocketimpl.starthandshake(opensslsocketimpl.java:399) 06-10 14:18:37.133: w/system.err(28459):    @ libcore.net.http.httpconnection.setupsecuresocket(httpconnection.java:211) 06-10 14:18:37.133: w/system.err(28459):    @ libcore.net.http.httpsurlconnectionimpl$httpsengine.makesslconnection(httpsurlconnectionimpl.java:478) 06-10 14:18:37.133: w/system.err(28459):    @ libcore.net.http.httpsurlconnectionimpl$httpsengine.connect(httpsurlconnectionimpl.java:433) 06-10 14:18:37.133: w/system.err(28459):    @ libcore.net.http.httpengine.sendsocketrequest(httpengine.java:289) 06-10 14:18:37.133: w/system.err(28459):    @ libcore.net.http.httpengine.sendrequest(httpengine.java:239) 06-10 14:18:37.133: w/system.err(28459):    @ libcore.net.http.httpurlconnectionimpl.connect(httpurlconnectionimpl.java:80) 06-10 14:18:37.133: w/system.err(28459):    @ libcore.net.http.httpsurlconnectionimpl.connect(httpsurlconnectionimpl.java:165) 06-10 14:18:37.133: w/system.err(28459):    @ com.virinchi.activity.loginactivity$unsigneddownloadmanager.doinbackground(loginactivity.java:644) 06-10 14:18:37.133: w/system.err(28459):    @ com.virinchi.activity.loginactivity$unsigneddownloadmanager.doinbackground(loginactivity.java:1) 06-10 14:18:37.133: w/system.err(28459):    @ android.os.asynctask$2.call(asynctask.java:287) 06-10 14:18:37.143: w/system.err(28459):    @ java.util.concurrent.futuretask$sync.innerrun(futuretask.java:305) 06-10 14:18:37.143: w/system.err(28459):    @ java.util.concurrent.futuretask.run(futuretask.java:137) 06-10 14:18:37.143: w/system.err(28459):    @ android.os.asynctask$serialexecutor$1.run(asynctask.java:230) 06-10 14:18:37.143: w/system.err(28459):    @ java.util.concurrent.threadpoolexecutor.runworker(threadpoolexecutor.java:1076) 06-10 14:18:37.143: w/system.err(28459):    @ java.util.concurrent.threadpoolexecutor$worker.run(threadpoolexecutor.java:569) 06-10 14:18:37.143: w/system.err(28459):    @ java.lang.thread.run(thread.java:856) 06-10 14:18:37.143: w/system.err(28459): caused by: java.security.cert.certificateexception: java.security.cert.certpathvalidatorexception: trust anchor certification path not found. 06-10 14:18:37.143: w/system.err(28459):    @ org.apache.harmony.xnet.provider.jsse.trustmanagerimpl.checktrusted(trustmanagerimpl.java:192) 06-10 14:18:37.143: w/system.err(28459):    @ org.apache.harmony.xnet.provider.jsse.trustmanagerimpl.checkservertrusted(trustmanagerimpl.java:163) 06-10 14:18:37.143: w/system.err(28459):    @ org.apache.harmony.xnet.provider.jsse.opensslsocketimpl.verifycertificatechain(opensslsocketimpl.java:598) 06-10 14:18:37.143: w/system.err(28459):    @ org.apache.harmony.xnet.provider.jsse.nativecrypto.ssl_do_handshake(native method) 06-10 14:18:37.143: w/system.err(28459):    @ org.apache.harmony.xnet.provider.jsse.opensslsocketimpl.starthandshake(opensslsocketimpl.java:396) 06-10 14:18:37.143: w/system.err(28459):    ... 16 more 06-10 14:18:37.153: w/system.err(28459): caused by: java.security.cert.certpathvalidatorexception: trust anchor certification path not found. 06-10 14:18:37.153: w/system.err(28459):    ... 21 more

this following code allow https url:

private httpclient sslclient(httpclient client) {     try {         x509trustmanager tm = new x509trustmanager() {              public void checkclienttrusted(x509certificate[] xcs, string string) throws certificateexception {             }              public void checkservertrusted(x509certificate[] xcs, string string) throws certificateexception {             }              public x509certificate[] getacceptedissuers() {                 return null;             }         };         sslcontext ctx = sslcontext.getinstance("tls");         ctx.init(null, new trustmanager[]{tm}, null);         sslsocketfactory ssf = new sslfactory(ctx);         ssf.sethostnameverifier(sslsocketfactory.allow_all_hostname_verifier);         clientconnectionmanager ccm = client.getconnectionmanager();         schemeregistry sr = ccm.getschemeregistry();         sr.register(new scheme("https", ssf, 443));         return new defaulthttpclient(ccm, client.getparams());     } catch (exception ex) {         return null;     } }

i'm calling above code in doinbackground method of asynctaskclass. code is:

 @override     protected header[] doinbackground(string... params) {         try {             httpclient httpclient = new defaulthttpclient();             httpclient =  sslclient(httpclient);             httppost httppost = new httppost(params[1]);              arraylist<namevaluepair> namevaluepair = new arraylist<namevaluepair>();             namevaluepair.add(new basicnamevaluepair("ssn", params[0]));             namevaluepair.add(new basicnamevaluepair("macaddr", params[2]));             httppost.setentity(new urlencodedformentity(namevaluepair,                     "utf-8"));             httpresponse httpresponse = httpclient.execute(httppost);             httpentity httpentity = httpresponse.getentity();             response = entityutils.tostring(httpentity);             allheaders = httpresponse.getallheaders();          } catch (exception ex) {              ex.printstacktrace();          }         return allheaders;     }

this sslfactory class:

public class sslfactory extends sslsocketfactory { sslcontext sslcontext = sslcontext.getinstance("tls");  public sslfactory(keystore truststore) throws nosuchalgorithmexception, keymanagementexception, keystoreexception, unrecoverablekeyexception {     super(truststore);      x509trustmanager tm = new x509trustmanager() {         public void checkclienttrusted(x509certificate[] chain, string authtype) throws certificateexception {         }          public void checkservertrusted(x509certificate[] chain, string authtype) throws certificateexception {         }          public x509certificate[] getacceptedissuers() {             return null;         }     };      sslcontext.init(null, new x509trustmanager[] { tm }, null); }  public sslfactory(sslcontext context) throws keymanagementexception, nosuchalgorithmexception, keystoreexception, unrecoverablekeyexception {    super(null);    sslcontext = context; }  @override public socket createsocket(socket socket, string host, int port, boolean autoclose) throws ioexception, unknownhostexception {     return sslcontext.getsocketfactory().createsocket(socket, host, port, autoclose); }  @override public socket createsocket() throws ioexception {     return sslcontext.getsocketfactory().createsocket(); }  public static httpclient sslclient(httpclient client) {     try {         x509trustmanager tm = new x509trustmanager() {              public void checkclienttrusted(x509certificate[] xcs, string string) throws certificateexception {             }              public void checkservertrusted(x509certificate[] xcs, string string) throws certificateexception {             }              public x509certificate[] getacceptedissuers() {                 return null;             }         };         sslcontext ctx = sslcontext.getinstance("tls");         ctx.init(null, new trustmanager[]{tm}, null);         sslsocketfactory ssf = new sslfactory(ctx);         ssf.sethostnameverifier(sslsocketfactory.allow_all_hostname_verifier);         clientconnectionmanager ccm = client.getconnectionmanager();         schemeregistry sr = ccm.getschemeregistry();         sr.register(new scheme("https", ssf, 443));         return new defaulthttpclient(ccm, client.getparams());     } catch (exception ex) {         return null;     } }  }

first should configure ssl certificate in server(https://xxx.yyy.zzzz) after use https api right response instead of exception


Comments

Post a Comment

Popular posts from this blog

C# random value from dictionary and tuple -

-
i have following code, , need random item contains string "region_1" dictionary. public static dictionary<int, tuple<string, int, currencytype>> itemarray = new dictionary<int, tuple<string, int, currencytype>>() { { 0xb3e, new tuple<string, int, currencytype>("region_1", 1500, currencytype.fame) } }; public static int generateitemid(string shopid) { var generateditem = itemarray.elementat(new random().next(0, itemarray.count)).key; } how select this? it's not possible efficiently... first create static random @ class level... prevent non-random behaviour if run query on short period of time... (it's seeded discrete clock) static random rnd = new random(); then: var item = itemarray.values .where(t => t.item1 == shopid) .orderby(_ => rnd.next()) .firstordefault()
Read more

cgi - How do I interpret URLs without extension as files rather than missing directories in nginx? -

-
so i'm trying install zoneminder , have run under nginx, has few compiled files need run using fast-cgi. these files lack extension. if file has extension, there no issue , nginx interprets file , return 404 if can't find it. if has no extension, assume it's directory , return 404 when can't find sort of index page. here have now: # security camera domain. server { listen 888; server_name mydomain.com; root /srv/http/zm; # enable php support. include php.conf; location / { index index.html index.htm index.php; } # enable cgi support. location ~ ^/cgi-bin/(.+)$ { alias /srv/cgi-bin/zm/; fastcgi_pass unix:/run/fcgiwrap.sock; fastcgi_param script_filename $document_root/$1; include fastcgi.conf; } } the idea is, under cgi-bin directory goes through fastcgi pipe. any idea on howi can fix this? upon closer inspection, realized zoneminder has 2 cgi sc...
Read more

.htaccess - htaccess convert request to clean url and add slash at the end of the url -

-
ok , searched more 4 days , more 20 posts here in stach or in websites without kind of success first here htaccess file rewriteengine on rewriterule ^([a-za-z0-9_]+)/?$ index.php?page=$1 [nc] rewriterule ^([a-za-z0-9_]+)\/([a-za-z0-9_]+)\/?$ index.php?page=$1&action=$2 [nc] i tried many codes 1 worked me can call request , works me www.example.com/pagename => www.example.com/index.php?page=pagename here questions , please provide me information "in detail" understand code well 1- how convert request automatically www.example.com/index.php?page=pagename www.example.com/pagename 2- if tried add slash @ end shows me page without images or styling mean www.example.com/pagename => works www.example.com/pagename/ => doesn't work that's :) for first part need 301 rule this: rewritecond %{the_request} /index\.php\?page=([^\s&]+) [nc] rewriterule ^ /%1? [r=301,l] for second part use absolute path in css, js, images files r...
Read more