javax.net.ssl.SSLHandshakeException?
I'm trying to connect to a WCF server using HTTPS connection (UrlHttpsConnection class) and always get the error "Trust anchor for certification path not found".
I found thousands examples on the Web about that issue but nothing that really helps me.
My WCF service works with a certificate signed by an internal CA that has been added to the list of trusted CAs on my smartphone. If I call the url https://myserver/myservice/test from Chrome on my smartphone, I no longer have warning, the certificate is considered as valid. From my app, I keep getting the error message.
Do you know why my app does not consider the server certificate as valid while Chrome does ? How can I fix that ?
For security reasons, I don't want ignore the SSL verification.
Thank you in advance for your suggestions.
java
android ssl ca edited Nov 21 at 10:46
Fantômas
32.3k156288
asked Nov 21 at 10:21
n_stack
161
add a comment |
I'm trying to connect to a WCF server using HTTPS connection (UrlHttpsConnection class) and always get the error "Trust anchor for certification path not found".
I found thousands examples on the Web about that issue but nothing that really helps me.
My WCF service works with a certificate signed by an internal CA that has been added to the list of trusted CAs on my smartphone. If I call the url https://myserver/myservice/test from Chrome on my smartphone, I no longer have warning, the certificate is considered as valid. From my app, I keep getting the error message.
Do you know why my app does not consider the server certificate as valid while Chrome does ? How can I fix that ?
For security reasons, I don't want ignore the SSL verification.
Thank you in advance for your suggestions.
java
android ssl ca edited Nov 21 at 10:46
Fantômas
32.3k156288
asked Nov 21 at 10:21
n_stack
161
because when call api that time pass ssl certificate.
– Android Team
Nov 21 at 10:22
add a comment |
I'm trying to connect to a WCF server using HTTPS connection (UrlHttpsConnection class) and always get the error "Trust anchor for certification path not found".
I found thousands examples on the Web about that issue but nothing that really helps me.
My WCF service works with a certificate signed by an internal CA that has been added to the list of trusted CAs on my smartphone. If I call the url https://myserver/myservice/test from Chrome on my smartphone, I no longer have warning, the certificate is considered as valid. From my app, I keep getting the error message.
Do you know why my app does not consider the server certificate as valid while Chrome does ? How can I fix that ?
For security reasons, I don't want ignore the SSL verification.
Thank you in advance for your suggestions.
java
android ssl ca edited Nov 21 at 10:46
Fantômas
32.3k156288
asked Nov 21 at 10:21
n_stack
161
I'm trying to connect to a WCF server using HTTPS connection (UrlHttpsConnection class) and always get the error "Trust anchor for certification path not found".
I found thousands examples on the Web about that issue but nothing that really helps me.
My WCF service works with a certificate signed by an internal CA that has been added to the list of trusted CAs on my smartphone. If I call the url https://myserver/myservice/test from Chrome on my smartphone, I no longer have warning, the certificate is considered as valid. From my app, I keep getting the error message.
Do you know why my app does not consider the server certificate as valid while Chrome does ? How can I fix that ?
For security reasons, I don't want ignore the SSL verification.
Thank you in advance for your suggestions.
java
android ssl ca java
android ssl ca edited Nov 21 at 10:46
Fantômas
32.3k156288
asked Nov 21 at 10:21
n_stack
161
edited Nov 21 at 10:46
Fantômas
32.3k156288
asked Nov 21 at 10:21
n_stack
161
edited Nov 21 at 10:46
Fantômas
32.3k156288
edited Nov 21 at 10:46
Fantômas
32.3k156288
edited Nov 21 at 10:46
Fantômas
32.3k156288
32.3k156288
asked Nov 21 at 10:21
n_stack
161
asked Nov 21 at 10:21
n_stack
161
asked Nov 21 at 10:21
n_stack
161
161
because when call api that time pass ssl certificate.
– Android Team
Nov 21 at 10:22
add a comment |
because when call api that time pass ssl certificate.
– Android Team
Nov 21 at 10:22
because when call api that time pass ssl certificate.
– Android Team
Nov 21 at 10:22
because when call api that time pass ssl certificate.
– Android Team
Nov 21 at 10:22
add a comment |
1 Answer
1
active
oldest
votes
Try this way but i used retrofit for api calling..
public class ApiClient {
//public final static String BASE_URL = "https://prod.appowiz.com/app/services/";
public final static String BASE_URL_SECURE = "Pass your url";
public static ApiClient apiClient;
private Retrofit retrofit = null;
private static Retrofit storeRetrofit = null;
public Retrofit getClient(Context context) {
HttpLoggingInterceptor interceptor = new HttpLoggingInterceptor();
interceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
OkHttpClient client = new OkHttpClient.Builder().addInterceptor(interceptor).build();
retrofit = new Retrofit.Builder()
.baseUrl(BASE_URL_SECURE)
.addConverterFactory(GsonConverterFactory.create())
.client(client)
.build();
return retrofit;
}
public static Retrofit getStore() {
if (storeRetrofit == null) {
final TrustManager trustAllCerts = new TrustManager{new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate chain, String authType) {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate chain, String authType) {
}
@Override
public java.security.cert.X509Certificate getAcceptedIssuers() {
return new java.security.cert.X509Certificate[0];
}
}};
// Install the all-trusting trust manager
final SSLContext sslContext;
HttpLoggingInterceptor interceptor = new HttpLoggingInterceptor();
interceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
try {
sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
final OkHttpClient okHttpClient = new OkHttpClient.Builder()
.addInterceptor(interceptor)
.connectTimeout(10, TimeUnit.SECONDS)
.writeTimeout(10, TimeUnit.SECONDS)
.readTimeout(30, TimeUnit.SECONDS)
.sslSocketFactory(sslSocketFactory).hostnameVerifier(org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
.build();
storeRetrofit = new Retrofit.Builder()
.baseUrl(BASE_URL_SECURE)
.addConverterFactory(GsonConverterFactory.create())
.client(okHttpClient)
.build();
} catch (NoSuchAlgorithmException | KeyManagementException e1) {
CustomLogHandler.printErrorlog(e1);
}
}
return storeRetrofit;
}
for api calling create interface..
public interface ApiInterface {
@POST("device/add_device_name")
Call<AddDeviceNameVo> addDeviceName(@Body JsonObject body);
}
called api into activity or fragment like this way..
apiInterface = ApiClient.getStore().create(ApiInterface.class);
answered Nov 21 at 10:27
Android Team
7,47411033
more information refer this link square.github.io/retrofit
– Android Team
Nov 21 at 10:28
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53409889%2fjavax-net-ssl-sslhandshakeexception%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Try this way but i used retrofit for api calling..
public class ApiClient {
//public final static String BASE_URL = "https://prod.appowiz.com/app/services/";
public final static String BASE_URL_SECURE = "Pass your url";
public static ApiClient apiClient;
private Retrofit retrofit = null;
private static Retrofit storeRetrofit = null;
public Retrofit getClient(Context context) {
HttpLoggingInterceptor interceptor = new HttpLoggingInterceptor();
interceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
OkHttpClient client = new OkHttpClient.Builder().addInterceptor(interceptor).build();
retrofit = new Retrofit.Builder()
.baseUrl(BASE_URL_SECURE)
.addConverterFactory(GsonConverterFactory.create())
.client(client)
.build();
return retrofit;
}
public static Retrofit getStore() {
if (storeRetrofit == null) {
final TrustManager trustAllCerts = new TrustManager{new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate chain, String authType) {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate chain, String authType) {
}
@Override
public java.security.cert.X509Certificate getAcceptedIssuers() {
return new java.security.cert.X509Certificate[0];
}
}};
// Install the all-trusting trust manager
final SSLContext sslContext;
HttpLoggingInterceptor interceptor = new HttpLoggingInterceptor();
interceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
try {
sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
final OkHttpClient okHttpClient = new OkHttpClient.Builder()
.addInterceptor(interceptor)
.connectTimeout(10, TimeUnit.SECONDS)
.writeTimeout(10, TimeUnit.SECONDS)
.readTimeout(30, TimeUnit.SECONDS)
.sslSocketFactory(sslSocketFactory).hostnameVerifier(org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
.build();
storeRetrofit = new Retrofit.Builder()
.baseUrl(BASE_URL_SECURE)
.addConverterFactory(GsonConverterFactory.create())
.client(okHttpClient)
.build();
} catch (NoSuchAlgorithmException | KeyManagementException e1) {
CustomLogHandler.printErrorlog(e1);
}
}
return storeRetrofit;
}
for api calling create interface..
public interface ApiInterface {
@POST("device/add_device_name")
Call<AddDeviceNameVo> addDeviceName(@Body JsonObject body);
}
called api into activity or fragment like this way..
apiInterface = ApiClient.getStore().create(ApiInterface.class);
answered Nov 21 at 10:27
Android Team
7,47411033
more information refer this link square.github.io/retrofit
– Android Team
Nov 21 at 10:28
add a comment |
Try this way but i used retrofit for api calling..
public class ApiClient {
//public final static String BASE_URL = "https://prod.appowiz.com/app/services/";
public final static String BASE_URL_SECURE = "Pass your url";
public static ApiClient apiClient;
private Retrofit retrofit = null;
private static Retrofit storeRetrofit = null;
public Retrofit getClient(Context context) {
HttpLoggingInterceptor interceptor = new HttpLoggingInterceptor();
interceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
OkHttpClient client = new OkHttpClient.Builder().addInterceptor(interceptor).build();
retrofit = new Retrofit.Builder()
.baseUrl(BASE_URL_SECURE)
.addConverterFactory(GsonConverterFactory.create())
.client(client)
.build();
return retrofit;
}
public static Retrofit getStore() {
if (storeRetrofit == null) {
final TrustManager trustAllCerts = new TrustManager{new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate chain, String authType) {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate chain, String authType) {
}
@Override
public java.security.cert.X509Certificate getAcceptedIssuers() {
return new java.security.cert.X509Certificate[0];
}
}};
// Install the all-trusting trust manager
final SSLContext sslContext;
HttpLoggingInterceptor interceptor = new HttpLoggingInterceptor();
interceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
try {
sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
final OkHttpClient okHttpClient = new OkHttpClient.Builder()
.addInterceptor(interceptor)
.connectTimeout(10, TimeUnit.SECONDS)
.writeTimeout(10, TimeUnit.SECONDS)
.readTimeout(30, TimeUnit.SECONDS)
.sslSocketFactory(sslSocketFactory).hostnameVerifier(org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
.build();
storeRetrofit = new Retrofit.Builder()
.baseUrl(BASE_URL_SECURE)
.addConverterFactory(GsonConverterFactory.create())
.client(okHttpClient)
.build();
} catch (NoSuchAlgorithmException | KeyManagementException e1) {
CustomLogHandler.printErrorlog(e1);
}
}
return storeRetrofit;
}
for api calling create interface..
public interface ApiInterface {
@POST("device/add_device_name")
Call<AddDeviceNameVo> addDeviceName(@Body JsonObject body);
}
called api into activity or fragment like this way..
apiInterface = ApiClient.getStore().create(ApiInterface.class);
answered Nov 21 at 10:27
Android Team
7,47411033
more information refer this link square.github.io/retrofit
– Android Team
Nov 21 at 10:28
add a comment |
Try this way but i used retrofit for api calling..
public class ApiClient {
//public final static String BASE_URL = "https://prod.appowiz.com/app/services/";
public final static String BASE_URL_SECURE = "Pass your url";
public static ApiClient apiClient;
private Retrofit retrofit = null;
private static Retrofit storeRetrofit = null;
public Retrofit getClient(Context context) {
HttpLoggingInterceptor interceptor = new HttpLoggingInterceptor();
interceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
OkHttpClient client = new OkHttpClient.Builder().addInterceptor(interceptor).build();
retrofit = new Retrofit.Builder()
.baseUrl(BASE_URL_SECURE)
.addConverterFactory(GsonConverterFactory.create())
.client(client)
.build();
return retrofit;
}
public static Retrofit getStore() {
if (storeRetrofit == null) {
final TrustManager trustAllCerts = new TrustManager{new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate chain, String authType) {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate chain, String authType) {
}
@Override
public java.security.cert.X509Certificate getAcceptedIssuers() {
return new java.security.cert.X509Certificate[0];
}
}};
// Install the all-trusting trust manager
final SSLContext sslContext;
HttpLoggingInterceptor interceptor = new HttpLoggingInterceptor();
interceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
try {
sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
final OkHttpClient okHttpClient = new OkHttpClient.Builder()
.addInterceptor(interceptor)
.connectTimeout(10, TimeUnit.SECONDS)
.writeTimeout(10, TimeUnit.SECONDS)
.readTimeout(30, TimeUnit.SECONDS)
.sslSocketFactory(sslSocketFactory).hostnameVerifier(org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
.build();
storeRetrofit = new Retrofit.Builder()
.baseUrl(BASE_URL_SECURE)
.addConverterFactory(GsonConverterFactory.create())
.client(okHttpClient)
.build();
} catch (NoSuchAlgorithmException | KeyManagementException e1) {
CustomLogHandler.printErrorlog(e1);
}
}
return storeRetrofit;
}
for api calling create interface..
public interface ApiInterface {
@POST("device/add_device_name")
Call<AddDeviceNameVo> addDeviceName(@Body JsonObject body);
}
called api into activity or fragment like this way..
apiInterface = ApiClient.getStore().create(ApiInterface.class);
answered Nov 21 at 10:27
Android Team
7,47411033
Try this way but i used retrofit for api calling..
public class ApiClient {
//public final static String BASE_URL = "https://prod.appowiz.com/app/services/";
public final static String BASE_URL_SECURE = "Pass your url";
public static ApiClient apiClient;
private Retrofit retrofit = null;
private static Retrofit storeRetrofit = null;
public Retrofit getClient(Context context) {
HttpLoggingInterceptor interceptor = new HttpLoggingInterceptor();
interceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
OkHttpClient client = new OkHttpClient.Builder().addInterceptor(interceptor).build();
retrofit = new Retrofit.Builder()
.baseUrl(BASE_URL_SECURE)
.addConverterFactory(GsonConverterFactory.create())
.client(client)
.build();
return retrofit;
}
public static Retrofit getStore() {
if (storeRetrofit == null) {
final TrustManager trustAllCerts = new TrustManager{new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate chain, String authType) {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate chain, String authType) {
}
@Override
public java.security.cert.X509Certificate getAcceptedIssuers() {
return new java.security.cert.X509Certificate[0];
}
}};
// Install the all-trusting trust manager
final SSLContext sslContext;
HttpLoggingInterceptor interceptor = new HttpLoggingInterceptor();
interceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
try {
sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
final OkHttpClient okHttpClient = new OkHttpClient.Builder()
.addInterceptor(interceptor)
.connectTimeout(10, TimeUnit.SECONDS)
.writeTimeout(10, TimeUnit.SECONDS)
.readTimeout(30, TimeUnit.SECONDS)
.sslSocketFactory(sslSocketFactory).hostnameVerifier(org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
.build();
storeRetrofit = new Retrofit.Builder()
.baseUrl(BASE_URL_SECURE)
.addConverterFactory(GsonConverterFactory.create())
.client(okHttpClient)
.build();
} catch (NoSuchAlgorithmException | KeyManagementException e1) {
CustomLogHandler.printErrorlog(e1);
}
}
return storeRetrofit;
}
for api calling create interface..
public interface ApiInterface {
@POST("device/add_device_name")
Call<AddDeviceNameVo> addDeviceName(@Body JsonObject body);
}
called api into activity or fragment like this way..
apiInterface = ApiClient.getStore().create(ApiInterface.class);
answered Nov 21 at 10:27
Android Team
7,47411033
answered Nov 21 at 10:27
Android Team
7,47411033
answered Nov 21 at 10:27
Android Team
7,47411033
answered Nov 21 at 10:27
Android Team
7,47411033
7,47411033
more information refer this link square.github.io/retrofit
– Android Team
Nov 21 at 10:28
add a comment |
more information refer this link square.github.io/retrofit
– Android Team
Nov 21 at 10:28
more information refer this link square.github.io/retrofit
– Android Team
Nov 21 at 10:28
more information refer this link square.github.io/retrofit
– Android Team
Nov 21 at 10:28
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53409889%2fjavax-net-ssl-sslhandshakeexception%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
because when call api that time pass ssl certificate.
– Android Team
Nov 21 at 10:22