12

I am trying to insert a record into MySQL by posting data to a PHP server from an Android app. I have added the INTERNET permission to AndroidManifest.xml

I get javax.net.ssl.SSLPeerUnverifiedException: No peer certificate

Android code

private void senddata(ArrayList<NameValuePair> data)
{
    try 
    {
        HttpClient httpclient = new DefaultHttpClient();
        HttpPost httppost = new HttpPost("https://10.0.2.2/insert222.php");
        httppost.setEntity(new UrlEncodedFormEntity(data));
        HttpResponse response = httpclient.execute(httppost);

    }
    catch (Exception e) {
        // TODO: handle exception
        Log.e("log_tag", "Error:  "+e.toString());
    }
}

Can anyone help?

Cypress Frankenfeld
  • 2,317
  • 2
  • 28
  • 40
Break Hart
  • 169
  • 1
  • 1
  • 7

3 Answers3

7

Warning: Do not implement this in production code you are ever going to use on a network you do not entirely trust. Especially anything going over the public internet. This link gives more correct answer. Here is an implementation using SSL.

Your problem is you are using DefaultHttpClient for https(secure url).
Create a custom DefaultHttpClient

public static HttpClient createHttpClient()
{
    HttpParams params = new BasicHttpParams();
    HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
    HttpProtocolParams.setContentCharset(params, HTTP.DEFAULT_CONTENT_CHARSET);
    HttpProtocolParams.setUseExpectContinue(params, true);

    SchemeRegistry schReg = new SchemeRegistry();
    schReg.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
    schReg.register(new Scheme("https", SSLSocketFactory.getSocketFactory(), 443));
    ClientConnectionManager conMgr = new ThreadSafeClientConnManager(params, schReg);

    return new DefaultHttpClient(conMgr, params);
}

Than change your code as follows:

        HttpClient httpclient = createHttpClient();
        HttpPost httppost = new HttpPost("https://10.0.2.2/insert222.php");
        httppost.setEntity(new UrlEncodedFormEntity(data));
        HttpResponse response = httpclient.execute(httppost);

Have a look at here if you have problems
It should work.

Community
  • 1
  • 1
Lazy Ninja
  • 22,342
  • 9
  • 83
  • 103
  • 12
    You shouldn't advise people to 'trust all the certificates' without also advising them of the security breach that is involved. – user207421 Sep 18 '13 at 04:46
  • @EJP you are right! The link I direct him to has the WARNING! Maybe thats not enough. – Lazy Ninja Sep 18 '13 at 05:14
  • 2
    The warning should be here. – user207421 Sep 18 '13 at 06:43
  • `The method getSocketFactory() is undefined for the type SSLSocketFactory`. Why? EDIT: just use `import org.apache.http.conn.ssl.SSLSocketFactory;` instead of `import javax.net.ssl.SSLSocketFactory;` – smartmouse Jul 27 '15 at 09:26
  • 2
    I have used the above method. i still i am getting an error javax.net.ssl.SSLPeerUnverifiedException: No peer certificate at com.android.org.conscrypt.SSLNullSession.getPeerCertificates(SSLNullSession.java:104) at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:93) at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:388) at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:165) – Arya Apr 18 '16 at 07:15
2

I had this issue with an IIS 8 server. In the https binding, I had to uncheck the checkbox labeled "Require Server Name Indication." Once I unchecked it, I quit getting the error.

Tim Cooke
  • 862
  • 7
  • 14
  • @skrrgwasme when reviewing these, be sure to read the entire sentence. While it starts off sounding like it's going to be a question or an 'I'm having this problem too' comment, this is not. – AdamMc331 Apr 24 '15 at 22:16
  • @McAdam331 You're absolutely right. Thanks for pointing it out. I do try to read the whole post, but obviously made a mistake on this one. – skrrgwasme Apr 24 '15 at 22:58
  • @skrrgwasme happens to the best of us, just wanted to make sure you knew. – AdamMc331 Apr 24 '15 at 22:59
  • @Tim Cooke, please ignore the comment I made earlier. As McAdam331 helpfully pointed out, it was my mistake. – skrrgwasme Apr 24 '15 at 23:00
1

I have to say all trusted certificates (trusted by authorized centres such as COMODO, Symantec, etc.) have to be work in any case. If your app recieves such javax.net.ssl.SSLPeerUnverifiedException: No peer certificate using bought certificate you give something wrong on server side. To test use openssl s_client -connect example.com:443 command to get inner information about certificate your app recieve. In may case my nginx-server sent wrong certificate in some cases.

Vyacheslav
  • 26,359
  • 19
  • 112
  • 194