5

I developed a demo android app that connect to a online server with secure websocket protocol. And i got "Trust anchor for certification path not found" error when start connection. I searched for this error and only found for related HTTPS and i have no idea for how to develop in websocket (wss).

And I used Autobahn-SW library for websocket.

Code is here (In My Activity class): 

@Override
protected void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    setContentView(R.layout.activity_main);

    final WebSocketConnection mConnection = new WebSocketConnection();

    final String wsuri = "wss://myserver_url";
    try {
        mConnection.connect(URI.create(wsuri), new WebSocketConnectionObserver() {

            @Override
            public void onOpen() {
                System.out.println("onOpend----> sending msg...");
                mConnection.sendTextMessage("hello");
            }

            @Override
            public void onClose(WebSocketCloseNotification code, String reason) {
                System.out.println("onClosed---> " + reason);
            }

            @Override
            public void onTextMessage(String payload) {
                System.out.println("onTextmessage---> " + payload);
            }

            @Override
            public void onRawTextMessage(byte[] payload) {
            }

            @Override
            public void onBinaryMessage(byte[] payload) {
            }

        });
    } catch (Exception e) {
        e.printStackTrace();
    }
}

And i got error as below : 

07-21 13:16:46.159: D/de.tavendo.autobahn.secure.WebSocketConnection(4023): WebSocket connection created.
07-21 13:16:46.329: 
D/de.tavendo.autobahn.secure.WebSocketReader(4023): WebSocket reader created.
07-21 13:16:46.349: 
D/de.tavendo.autobahn.secure.WebSocketConnection(4023): WebSocket reader created and started.
07-21 13:16:46.349: 
D/de.tavendo.autobahn.secure.WebSocketWriter(4023): WebSocket writer created.
07-21 13:16:46.449: 
E/de.tavendo.autobahn.secure.WebSocketReader(4023): java.security.cert.CertPathValidatorException: Trust anchor for certification path not 
found.
07-21 13:16:46.479: E/de.tavendo.autobahn.secure.WebSocketWriter(4023): Socket is closed
07-21 13:16:46.479: 
D/de.tavendo.autobahn.secure.WebSocketWriter(4023): WebSocker writer running.
07-21 13:16:46.479: 
D/de.tavendo.autobahn.secure.WebSocketConnection(4023): WebSocket writer created and started.
07-21 13:16:46.499: 
D/de.tavendo.autobahn.secure.WebSocketConnection(4023): fail connection [code = INTERNAL_ERROR, reason = WebSockets internal error 
(java.lang.NullPointerException)
07-21 13:16:46.499: D/de.tavendo.autobahn.secure.WebSocketReader(4023): quit
07-21 13:16:46.499: 
D/de.tavendo.autobahn.secure.WebSocketWriter(4023): WebSocket writer ended.
07-21 13:16:46.499: 
D/de.tavendo.autobahn.secure.WebSocketConnection(4023): SocketThread exited.

How can i connect for Secure websocket (wss) ? Code example will be helpful.

james
  • 1,967
  • 3
  • 21
  • 27

2 Answers2

4

Thanks to @Jack, I solved the solution as below : for my case, my server is generated self singed certificate. But below codes will(should) not need after server got relevant validated SSL certificate.

I got the solution from this too HTTPS GET (SSL) with Android and self-signed server certificate.

/*************************************************************************************************/
            /* Below code is only purposed for Testing, Not to use in real environment */
            /**
             * Setting custom Trust managers which are intended to allow SSL connection to server.
             * This custom trust managers are allowing for all connection types, so this may cause network connection security leak.
             * So those are used only for testing purposes.
             *              
             * Doc - http://developer.android.com/training/articles/security-ssl.html#SelfSigned
             * */
            WebSocketClient.setTrustManagers(new TrustManager[] {
              new X509TrustManager() {
                    public void checkClientTrusted(X509Certificate[] chain, String authType) {}
                    public void checkServerTrusted(X509Certificate[] chain, String authType) {}
                    public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[]{}; }
                  }
            });
            /*************************************************************************************************/

            wsClient = new WebSocketClient(uri, this , extraHeaders);       
            wsClient.connect();
Community
  • 1
  • 1
james
  • 1,967
  • 3
  • 21
  • 27
  • 2
    It would be helpful to mention that you changed your library to [android-websockets](https://github.com/codebutler/android-websockets). Also, if someone is having issues with the imports: "import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import java.security.cert.X509Certificate;" – radu122 Jun 03 '15 at 16:14
0

The most common reason behind this error are; the certificate authority issued the certificate is unknown. The certificate is not signed by known authority or it is self signed or some issue with intermediate certificate.

I recommend referring this official guide shared by Android developer community. https://developer.android.com/training/articles/security-ssl.html