2

I am working on a Xamarin Form that need to call httpclient to consume company's internal https REST api.

Unfortunately, it return with this error 

Javax.Net.Ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

How can i resolve this?

Android
  • 1,420
  • 4
  • 13
  • 23
DEN
  • 1,893
  • 7
  • 27
  • 51

1 Answers1

1

To bypass certification validation you can:

In Android Build options choose

HttpClient Implementation: AndroidClientHandler
SSL/TLS implementation: Default (Native TLS 1.2+)

In MainActivity.cs add this

ServicePointManager.ServerCertificateValidationCallback += (o, cert, chain, errors) => true;

In the Httpclient init change this

var httpClient = new HttpClient();

To

var httpClient = new HttpClient(new System.Net.Http.HttpClientHandler());
Bruno Caceiro
  • 7,035
  • 1
  • 26
  • 45
  • Hi Bruno, I can't find the Android build option. Is this available in xamarin form, visual studio 2017? – DEN Jun 17 '19 at 02:06
  • Yes, it is. Right Click android solution, and options – Bruno Caceiro Jun 17 '19 at 09:16
  • 1
    Thanks bruno, i was able to find it with "Right click on android solution >> Properties >> Android Options >> Advanced" It is working fine by implementing your suggestion. thanks again ! – DEN Jun 17 '19 at 11:40
  • Hi DEN, glad I could help! – Bruno Caceiro Jun 17 '19 at 13:15
  • Do not leave this in production code! It disables certificate chain validation and enables man-in-the-middle attacks. For development that can be handy (using Fiddler to see what's going on) but in production you wouldn't want a third party sniffing your traffic. – Louis Somers Jun 28 '21 at 07:12