0

Here is the error I am getting and it only happens on : 

javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

Here is the method I am calling up until the point that I get the SSLHandshake error:

public String doRequest(String url, HashMap<Object, Object> data,
        Method method, String token) throws Exception {

    InputStream certificateInputStream = null;
    if (SomeApplication.PRODUCTION) {
        certificateInputStream = SomeApplication.context
                .getResources().openRawResource(R.raw.production_cert);
        LogUtils.log("using production SSL certificate");
    } else {
        certificateInputStream = SomeApplication.context
                .getResources().openRawResource(R.raw.staging_cert);
        LogUtils.log("using staging SSL certificate");
    }

    KeyStore trustStore = KeyStore.getInstance("BKS");
    trustStore.load(certificateInputStream,
            "xxxxxxxxxxxx".toCharArray());
    certificateInputStream.close();

    TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
    tmf.init(trustStore);
    SSLContext context = SSLContext.getInstance("TLS");
            // this log returns 1 for trustmanagers. 
    LogUtils.log("tmf get trustmanagers: " + tmf.getTrustManagers().length);
    context.init(null, tmf.getTrustManagers(), null);
URL request = new URL(url);
        HttpsURLConnection urlConnection = (HttpsURLConnection) request
                .openConnection();

        urlConnection.setHostnameVerifier(new StrictHostnameVerifier());
        urlConnection.setSSLSocketFactory(context.getSocketFactory());
        urlConnection.setConnectTimeout(15000);
        if (method != Method.GET)
            urlConnection.setDoOutput(true);
        urlConnection.setDoInput(true);
        urlConnection.setRequestProperty("Content-Type", "application/json");
        urlConnection.setRequestProperty("Accept", "application/json");
        if (token != null) {
            urlConnection.setRequestProperty("Authorization", "Token " + token);
        }
        urlConnection.setRequestMethod(method.toString());
        urlConnection.connect();

it errors somewhere around the connection (with the handshake error which makes sense). I tested it and when I set;

context.init(null, tmf.getTrustManagers(), null);

to:

context.init(null, null, null);

it works without the trustmanager and using null instead... But it needs to be secure.... Please help!

jimbob
  • 3,288
  • 11
  • 45
  • 70
  • Duplicate of [Error - trustAnchors parameter must be non-empty](http://stackoverflow.com/questions/6784463/error-trustanchors-parameter-must-be-non-empty) – user207421 Jan 28 '14 at 10:08
  • NB It doesn't mean 'devices not finding trust managers', contrary to your title. – user207421 Jan 28 '14 at 10:09
  • It says i should update my java? You think that could be the problem? This is an android app by the way... Surely my java version shouldnt effect the way the 2.3 build works with it...? – jimbob Jan 28 '14 at 10:12
  • Read my answer in the duplicate thread. Ignore everything else. – user207421 Jan 28 '14 at 10:16
  • right but... It works for other android devices that ARENT 2.3. Can you explain that? – jimbob Jan 28 '14 at 10:17
  • I can only tell you what the message means. If Android 2.3 can't find the truststore for some reason, that's the problem you will have to solve. – user207421 Jan 28 '14 at 10:27
  • Does my code look like the correct way to do this? – jimbob Jan 28 '14 at 10:53

0 Answers0