Android HttpURLConnection- easiest way to trust all hosts?

Question

I'm trying to hit an https site through an Android client:

            URL url = new URL(myurl);
            Log.d("Connection", myurl);
            HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
            conn.setReadTimeout(10000 /* milliseconds */);
            conn.setConnectTimeout(15000 /* milliseconds */);
            conn.addRequestProperty("Content-Type", "application/json");
            conn.setRequestMethod("POST");
            conn.setDoInput(true);
            // Starts the query
            Log.d("Connection", "Connecting...");
            conn.connect();

The connect call is throwing an exception:

javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

EDIT: I'm told the site is using a self-signed certificate, and since this is only a prototype I just need to trust all hosts so it will work. Can someone point me toward a simple example of doing this? The code I've seen online gets quite complicated, I just want to do a hacky bypass of any verification.

score 0 · Answer 1 · edited May 23 '17 at 12:13

0

Are you sure that the password you are supplying is correct? This answer suggests that the connection can appear to hang if the password is incorrect.

edited May 23 '17 at 12:13

Community

1
1

answered Jun 16 '14 at 11:57

dave.c

10,910
5
39
62

I'll check it out, but yes the credentials are the same I'm using on iOS – Adam Jun 16 '14 at 19:00

score 0 · Answer 2 · answered Jun 17 '14 at 04:47

0

I fixed it by creating a new .csr with the right Organizational Unit Name and Common Name Hope you are using HTTPS in your URL.

answered Jun 17 '14 at 04:47

Wilson

176
1
11

this is just a prototype, I don't think they're going to pay for a proper certificate at this point, so I just want to bypass any validation – Adam Jun 25 '14 at 21:47

Android HttpURLConnection- easiest way to trust all hosts?

2 Answers2