I'm trying to implement an Amazon Web Services demo android notes app, the documentation regarding which is provided by AWS. I have included the three services: Cognito for Authentication, Analytics and DynamoDB.
I am not able to test the app on the emulator as it gives the java.security.cert.CertPathValidatorException as soon as I click sign in button. I googled about the error and found about trusting all certificates, using custom trust managers which I cannot implement(and I found quite complicated to understand as I am new to android/java) as everything related to connections is been handled by the AWS android sdk.
Below sharing the code and the logcat:
Code:
package com.amazonaws.mobile.samples.mynotes;
import android.app.Activity;
import android.content.Intent;
import android.support.v7.app.AppCompatActivity;
import android.os.Bundle;
import android.view.View;
import android.widget.TextView;
import android.widget.Toast;
import com.amazonaws.mobile.auth.core.DefaultSignInResultHandler;
import com.amazonaws.mobile.auth.core.IdentityManager;
import com.amazonaws.mobile.auth.core.IdentityProvider;
import com.amazonaws.mobile.auth.ui.AuthUIConfiguration;
import com.amazonaws.mobile.auth.ui.SignInActivity;
public class AuthenticatorActivity extends AppCompatActivity {
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_authenticator);
final IdentityManager identityManager = AWSProvider.getInstance().getIdentityManager();
identityManager.setUpToAuthenticate(this, new DefaultSignInResultHandler() {
@Override
public void onSuccess(Activity callingActivity, IdentityProvider provider) {
Toast.makeText(AuthenticatorActivity.this,
String.format("Logged in as %s",identityManager.getCachedUserID()),
Toast.LENGTH_LONG).show();
//Going to main activity
final Intent intent = new Intent(callingActivity, NoteListActivity.class)
.setFlags(Intent.FLAG_ACTIVITY_CLEAR_TOP);
callingActivity.startActivity(intent);
callingActivity.finish();
}
@Override
public boolean onCancel(Activity callingActivity) {
return false;
}
});
//Starting authentication UI
AuthUIConfiguration config = new AuthUIConfiguration.Builder()
.userPools(true)
.build();
SignInActivity.startSignInActivity(this, config);
AuthenticatorActivity.this.finish();
}
}
Logcat:
02-20 15:37:08.794 1672-1691/com.amazonaws.mobile.samples.notes I/TargetingClient: AmazonClientException occurred during endpoint update:
com.amazonaws.AmazonClientException: Unable to execute HTTP request: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:441)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.invoke(AmazonCognitoIdentityClient.java:559)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.getId(AmazonCognitoIdentityClient.java:445)
at com.amazonaws.auth.AWSAbstractCognitoIdentityProvider.getIdentityId(AWSAbstractCognitoIdentityProvider.java:172)
at com.amazonaws.auth.AWSAbstractCognitoIdentityProvider.refresh(AWSAbstractCognitoIdentityProvider.java:313)
at com.amazonaws.auth.AWSBasicCognitoIdentityProvider.refresh(AWSBasicCognitoIdentityProvider.java:77)
at com.amazonaws.mobile.auth.core.IdentityManager$AWSRefreshingCognitoIdentityProvider.refresh(IdentityManager.java:178)
at com.amazonaws.auth.CognitoCredentialsProvider.startSession(CognitoCredentialsProvider.java:658)
at com.amazonaws.auth.CognitoCredentialsProvider.getCredentials(CognitoCredentialsProvider.java:445)
at com.amazonaws.auth.CognitoCachingCredentialsProvider.getCredentials(CognitoCachingCredentialsProvider.java:485)
at com.amazonaws.mobile.auth.core.IdentityManager$AWSCredentialsProviderHolder.getCredentials(IdentityManager.java:82)
at com.amazonaws.services.pinpoint.AmazonPinpointClient.invoke(AmazonPinpointClient.java:3290)
at com.amazonaws.services.pinpoint.AmazonPinpointClient.updateEndpoint(AmazonPinpointClient.java:3053)
at com.amazonaws.mobileconnectors.pinpoint.targeting.TargetingClient$1.run(TargetingClient.java:194)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607)
at java.lang.Thread.run(Thread.java:761)
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:361)
at com.android.okhttp.Connection.connectTls(Connection.java:235)
at com.android.okhttp.Connection.connectSocket(Connection.java:199)
at com.android.okhttp.Connection.connect(Connection.java:172)
at com.android.okhttp.Connection.connectAndSetOwner(Connection.java:367)
at com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:130)
at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:329)
at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:246)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:457)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:126)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.getOutputStream(HttpURLConnectionImpl.java:257)
at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.getOutputStream(DelegatingHttpsURLConnection.java:218)
at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java)
at com.amazonaws.http.UrlHttpClient.writeContentToConnection(UrlHttpClient.java:162)
at com.amazonaws.http.UrlHttpClient.execute(UrlHttpClient.java:75)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:371)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.invoke(AmazonCognitoIdentityClient.java:559)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.getId(AmazonCognitoIdentityClient.java:445)
at com.amazonaws.auth.AWSAbstractCognitoIdentityProvider.getIdentityId(AWSAbstractCognitoIdentityProvider.java:172)
at com.amazonaws.auth.AWSAbstractCognitoIdentityProvider.refresh(AWSAbstractCognitoIdentityProvider.java:313)
at com.amazonaws.auth.AWSBasicCognitoIdentityProvider.refresh(AWSBasicCognitoIdentityProvider.java:77)
at com.amazonaws.mobile.auth.core.IdentityManager$AWSRefreshingCognitoIdentityProvider.refresh(IdentityManager.java:178)
at com.amazonaws.auth.CognitoCredentialsProvider.startSession(CognitoCredentialsProvider.java:658)
at com.amazonaws.auth.CognitoCredentialsProvider.getCredentials(CognitoCredentialsProvider.java:445)
at com.amazonaws.auth.CognitoCachingCredentialsProvider.getCredentials(CognitoCachingCredentialsProvider.java:485)
at com.amazonaws.mobile.auth.core.IdentityManager$AWSCredentialsProviderHolder.getCredentials(IdentityManager.java:82)
at com.amazonaws.services.pinpoint.AmazonPinpointClient.invoke(AmazonPinpointClient.java:3290)
at com.amazonaws.services.pinpoint.AmazonPinpointClient.updateEndpoint(AmazonPinpointClient.java:3053)
at com.amazonaws.mobileconnectors.pinpoint.targeting.TargetingClient$1.run(TargetingClient.java:194)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607)
at java.lang.Thread.run(Thread.java:761)
Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at com.android.org.conscrypt.TrustManagerImpl.verifyChain(TrustManagerImpl.java:563)
at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:444)
at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:508)
at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:508)
at
02-20 15:37:14.136 1672-1693/com.amazonaws.mobile.samples.notes W/EventRecorder: Unable to successfully deliver events to server. Events will be saved, error likely recoverable.Unable to execute HTTP request: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
02-20 15:37:14.137 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Time of attemptDelivery: 10341
02-20 15:37:14.143 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.144 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.146 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.147 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.148 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.149 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.150 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.152 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.153 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.155 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.156 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.157 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.159 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.160 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.161 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.162 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.164 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.165 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.168 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.169 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Recorded profile to client pinpointContext.
02-20 15:37:14.177 1672-1693/com.amazonaws.mobile.samples.notes D/CognitoCachingCredentialsProvider: Loading credentials from SharedPreferences
02-20 15:37:14.177 1672-1693/com.amazonaws.mobile.samples.notes D/CognitoCachingCredentialsProvider: No valid credentials found in SharedPreferences
02-20 15:37:14.177 1672-1693/com.amazonaws.mobile.samples.notes D/AWSRefreshingCognitoIdentityProvider: Refreshing token...
02-20 15:37:20.721 1672-1693/com.amazonaws.mobile.samples.notes W/EventRecorder: Unable to successfully deliver events to server. Events will be saved, error likely recoverable.Unable to execute HTTP request: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
02-20 15:37:20.721 1672-1693/com.amazonaws.mobile.samples.notes I/EventRecorder: Time of attemptDelivery: 6584
