Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
Post Reply

[Q] Random SSLHandshakeException

OP Auroratic

19th January 2014, 12:23 AM   |  #1  
Auroratic's Avatar
OP Member
Flag Austria
Thanks Meter: 0
 
45 posts
Join Date:Joined: Jun 2013
More
Hallo,
I have the following function in my AsyncTask:
Code:
private SSLContext trustCert() throws Exception {
        SSLContext context = null;

        context = SSLContext.getInstance("TLS");

        // Load CAs from an InputStream
        // (could be from a resource or ByteArrayInputStream or ...)
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        InputStream caInput = this.context.getResources().openRawResource(R.raw.cert);
        Certificate ca = cf.generateCertificate(caInput);
        caInput.close();

        // Create a KeyStore containing our trusted CAs
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        keyStore.setCertificateEntry("ca", ca);

        // Create a TrustManager that trusts the CAs in our KeyStore
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(keyStore);

        // Create an SSLContext that uses our TrustManager
        context.init(null, tmf.getTrustManagers(), null);
        return context;
    }
In the doInBackground-Function im loading some resources from my server with a self-signed certificate:
Code:
SSLContext sslContext = this.trustCert();
        HttpsURLConnection conn = (HttpsURLConnection) address.openConnection();
        conn.setSSLSocketFactory(sslContext.getSocketFactory());
......
 conn.connect(); //here i get the error
And sometimes (!) I get following Error on the last line of the code posted:
java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

But why?
19th January 2014, 06:34 PM   |  #2  
Auroratic's Avatar
OP Member
Flag Austria
Thanks Meter: 0
 
45 posts
Join Date:Joined: Jun 2013
More
..
anyone?
Last edited by Auroratic; 19th January 2014 at 06:41 PM.
19th January 2014, 08:56 PM   |  #3  
Junior Member
Thanks Meter: 1
 
14 posts
Join Date:Joined: Jan 2014
More
Hi

Are you sure your sever is well configured ? It seems that there are some intermediate certificates missing from the certificate chain but google "Trust anchor not found" you'll find some helpful links
24th January 2014, 02:56 AM   |  #4  
Junior Member
Thanks Meter: 0
 
1 posts
Join Date:Joined: Jan 2014
Wink
Quote:
Originally Posted by TheDoubleTap

Hi

Are you sure your sever is well configured ? It seems that there are some intermediate certificates missing from the certificate chain but google "Trust anchor not found" you'll find some helpful links


I have met this issue before. My solution is setting the verifier host and ssl factory before you setting up the https utl connection


e.g. :

private static void trustAllHosts() {
try {
HttpsURLConnection.setDefaultHostnameVerifier(notV erify);
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.g etSocketFactory());
} catch (Exception e) {
}
}

add this method before your https connection create method. Hope it can help you.
24th January 2014, 06:27 AM   |  #5  
Auroratic's Avatar
OP Member
Flag Austria
Thanks Meter: 0
 
45 posts
Join Date:Joined: Jun 2013
More
Look at my code, I'm already doing that..
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes