0

I am doing an app to connect with HTTPS Server. I've read a lot of tutorials but i have not a ideal solution.

In server I've got a self-signed certificated. What have I to do in client part? I read official tutorial: http://developer.android.com/training/articles/security-ssl.html But if I load the same certificate app crashes with this exception javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

Some idea or example?

Thanks

user3086708
  • 375
  • 3
  • 17
  • possible duplicate of [Trust Anchor not found for Android SSL Connection](http://stackoverflow.com/questions/6825226/trust-anchor-not-found-for-android-ssl-connection) – Dave Jan 09 '15 at 11:23
  • It's probably something wrong with your code, show it – Than Jan 09 '15 at 11:28

1 Answers1

0

You need to add it to your Request.

For retrofit for example 

        OkHttpClient client = new OkHttpClient();

    try {
        KeyStore keyStore = readKeyStore(this);
        SSLContext sslContext = SSLContext.getInstance("SSL");
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, "keystore_pass".toCharArray());
        sslContext.init(keyManagerFactory.getKeyManagers(),trustManagerFactory.getTrustManagers(), new SecureRandom());
        client.setSslSocketFactory(sslContext.getSocketFactory());

    } catch (Exception e) {
        e.printStackTrace();
    }

Then

            .setClient(new OkClient(client))

To RestAdapter.Builder()

Ivan
  • 978
  • 6
  • 13
  • You don't have to init `SSLContext` with `KeyManager` if you don't use client side verification. Just pass null value. And you should use TLS instead of SSL – Than Jan 09 '15 at 11:30