Xamarin.Forms PCL javax.net.ssl.SSLHandshakeException

Question

I'm working on a Xamarin.Forms PCL project and i'm trying to send a request to REST API located on an intranet SSL server. The intranet server is using a self signed certificate. I've been testing this on the Android project but i'm getting the following error:

11-30 19:59:10.645 E/mono-rt ( 4180): [ERROR] FATAL UNHANDLED EXCEPTION: Javax.Net.Ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. ---> Java.Security.Cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. ---> Java.Security.Cert.CertPathValidatorException: Trust anchor for certification path not found. 11-30 19:59:10.645 E/mono-rt ( 4180): --- End of inner exception stack trace --- 11-30 19:59:10.645 E/mono-rt ( 4180): --- End of inner exception stack trace --- 11-30 19:59:10.645 E/mono-rt ( 4180): --- End of managed Javax.Net.Ssl.SSLHandshakeException stack trace --- 11-30 19:59:10.645 E/mono-rt ( 4180): javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. 11-30 19:59:10.645 E/mono-rt ( 4180): at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:361) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.squareup.okhttp.Connection.upgradeToTls(Connection.java:242) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.squareup.okhttp.Connection.connect(Connection.java:159) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.squareup.okhttp.Connection.connectAndSetOwner(Connection.java:175) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.squareup.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:120) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.squareup.okhttp.internal.http.HttpEngine.nextConnection(HttpEngine.java:330) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.squareup.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:319) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.squareup.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:241) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.squareup.okhttp.Call.getResponse(Call.java:271) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.squareup.okhttp.Call$ApplicationInterceptorChain.proceed(Call.java:228) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.squareup.okhttp.Call.getResponseWithInterceptorChain(Call.java:199) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.squareup.okhttp.Call.access$100(Call.java:34) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.squareup.okhttp.Call$AsyncCall.execute(Call.java:162) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.squareup.okhttp.internal.NamedRunnable.run(NamedRunnable.java:33) 11-30 19:59:10.645 E/mono-rt ( 4180): at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133) 11-30 19:59:10.645 E/mono-rt ( 4180): at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607) 11-30 19:59:10.645 E/mono-rt ( 4180): at java.lang.Thread.run(Thread.java:761) 11-30 19:59:10.645 E/mono-rt ( 4180): Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. 11-30 19:59:10.645 E/mono-rt ( 4180): at com.android.org.conscrypt.TrustManagerImpl.verifyChain(TrustManagerImpl.java:563) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:444) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:401) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:375) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.android.org.conscrypt.TrustManagerImpl.getTrustedChainForServer(TrustManagerImpl.java:304) 11-30 19:59:10.645 E/mono-rt ( 4180): at android.security.net.config.NetworkSecurityTrustManager.checkServerTrusted(NetworkSecurityTrustManager.java:94) 11-30 19:59:10.645 E/mono-rt ( 4180): at android.security.net.config.RootTrustManager.checkServerTrusted(RootTrustManager.java:88) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:178) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:596) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method) 11-30 19:59:10.645 E/mono-rt ( 4180): at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:357) 11-30 19:59:10.645 E/mono-rt ( 4180): ... 16 more 11-30 19:59:10.645 E/mono-rt ( 4180): Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. 11-30 19:59:10.645 E/mono-rt ( 4180): ... 27 more

How should i fix this?

This answer works: https://stackoverflow.com/questions/54715317/xamarin-android-issue-connecting-via-https-to-site-with-self-signed-certificate — M. Quinn, Apr 04 '19 at 04:38

score 0 · Answer 1 · answered Mar 21 '18 at 01:54

try this, it will override self signed ssl certs. pop this in your android OnCreate() method.

System.Net.ServicePointManager.ServerCertificateValidationCallback +=
(sender, cert, chain, sslPolicyErrors) =>
{
    if (cert != null) System.Diagnostics.Debug.WriteLine(cert);
    return true;
};

Xamarin.Forms PCL javax.net.ssl.SSLHandshakeException

1 Answers1