Android SSLContext trusted certificates Not Working on API 8

Question

I have the following code for configuring and SSL Connection and instantiating a JsonRpcHttpClient using the Jsonrpc4j implementation:

public static void createJsonRpcClient(Context ctx) throws NoSuchAlgorithmException, KeyStoreException, CertificateException, FileNotFoundException, IOException, KeyManagementException {
      if(instance==null) {          
            //http://stackoverflow.com/questions/7615645
            Properties props=System.getProperties();
            props.put("jsse.enableSNIExtension", "false");
            //Configurando la conexion SSL
            SSLContext sc=SSLContext.getInstance("TLS");
            KeyStore ks = KeyStore.getInstance("PKCS12");
            AssetManager manager=ctx.getAssets();
            ks.load(manager.open("www.example.com.p12"), 
                      "Password".toCharArray());
            TrustManagerFactory tf = TrustManagerFactory
                    .getInstance(TrustManagerFactory.getDefaultAlgorithm());
            tf.init(ks);
            sc.init(null, tf.getTrustManagers(), null);
            //Configurando la autenticacion HTTP
            Authenticator auth=new Authenticator() {
                @Override
                protected PasswordAuthentication getPasswordAuthentication() {                  
                    return new PasswordAuthentication("user", 
                            "pass".toCharArray());
                }
            };
            Authenticator.setDefault(auth);
            instance=new JsonRpcHttpClient(new URL("https://www.example.com/" +
                    "dbconnector/index.php"));
            instance.setSslContext(sc);
        }       
    }

    /**
     * 
     * @return La instancia del cliente JSON-RPC
     */
    public static JsonRpcHttpClient getJsonRpcClient() {        
        return instance;
    }

This code formatting is very awful, I don't know why... Anyways, this code works perfect on Android 4.2, and the following JSON-RPC requests work fine

On Android 2.2 however, even when the code don't throw any exception when I try to perform a JSON-RPC request this exception is thrown:

07-18 16:00:06.433: W/System.err(391): Expetion: Not trusted server certificate
07-18 16:00:06.493: W/System.err(391): javax.net.ssl.SSLException: Not trusted server certificate
07-18 16:00:06.493: W/System.err(391):  at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:371)
07-18 16:00:06.623: W/System.err(391):  at org.apache.harmony.luni.internal.net.www.protocol.http.HttpConnection.getSecureSocket(HttpConnection.java:168)
07-18 16:00:06.643: W/System.err(391):  at org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:399)
07-18 16:00:06.653: W/System.err(391):  at org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:147)
07-18 16:00:06.773: W/System.err(391):  at com.googlecode.jsonrpc4j.JsonRpcHttpClient.invoke(JsonRpcHttpClient.java:145)
07-18 16:00:06.832: W/System.err(391):  at com.googlecode.jsonrpc4j.JsonRpcHttpClient.invoke(JsonRpcHttpClient.java:105)
07-18 16:00:06.832: W/System.err(391):  at com.googlecode.jsonrpc4j.JsonRpcHttpClient.invoke(JsonRpcHttpClient.java:123)
07-18 16:00:06.842: W/System.err(391):  at com.example.app.JsonRpcTask.doInBackground(JsonRpcTask.java:40)

The JsonRpcTask mentioned on the last line is an AsyncTask that retrieves the previously instantiated JsonRpcHttpClient and sends the JSON-RPC call that I pass to it.

Since it's not a NullPointerException it means that the instance was correctly initiated, however it seems that the trusted certificate was ignored for some reason.

PD: Please help me with the SO formatting, this is a mess-up... I think a WYSIWYG Editor will be awesome

Answer 1

Ok, I found that the problem was related with the TrustManager, the solution is described here