0

This is my simple app code:

MainActivity.java:

import android.support.v7.app.AppCompatActivity;
import android.os.Bundle;
import android.widget.ImageView;
import android.widget.TextView;
import com.bumptech.glide.Glide;
import com.bumptech.glide.load.resource.drawable.GlideDrawable;
import com.bumptech.glide.request.RequestListener;
import okhttp3.MediaType;

public class MainActivity extends AppCompatActivity {

    TextView error_txt;
    ImageView avatar;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);

        avatar = (ImageView) findViewById(R.id.avatar);
        error_txt =  (TextView) findViewById(R.id.error_log);    


        Glide.with(this).load("https://media.didestan.com/v1/image/w256h144/5bfbada9d833cs6ruNVbEtu78AOIycqb2.jpg")
            .listener(new RequestListener<String, GlideDrawable>() {
                @Override
                public boolean onException(Exception e, String model, com.bumptech.glide.request.target.Target<GlideDrawable> target, boolean isFirstResource) {
                    error_txt.setText(e.getMessage());
                    return false;
                }

                @Override
                public boolean onResourceReady(GlideDrawable resource, String model, com.bumptech.glide.request.target.Target<GlideDrawable> target, boolean isFromMemoryCache, boolean isFirstResource) {
                    return false;
                }

            }).into(avatar);

    }
}

activity_main.xml:

<?xml version="1.0" encoding="utf-8"?>
<RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:tools="http://schemas.android.com/tools"
android:id="@+id/activity_main"
android:layout_width="match_parent"
android:layout_height="match_parent"
android:paddingBottom="@dimen/activity_vertical_margin"
android:paddingLeft="@dimen/activity_horizontal_margin"
android:paddingRight="@dimen/activity_horizontal_margin"
android:paddingTop="@dimen/activity_vertical_margin"
tools:context="com.journaldev.okhttp.MainActivity">


<ImageView
    android:id="@+id/avatar"
    android:layout_width="368dp"
    android:layout_height="225dp"
    android:layout_alignParentStart="true"
    android:layout_alignParentLeft="true"
    android:layout_alignParentTop="true"
    android:layout_alignParentEnd="true"
    android:layout_alignParentRight="true"
    android:layout_marginStart="0dp"
    android:layout_marginLeft="0dp"
    android:layout_marginEnd="0dp"
    android:layout_marginRight="0dp"
    android:background="@drawable/ic_launcher_background" />

<TextView
    android:id="@+id/error_log"
    android:layout_width="368dp"
    android:layout_height="120dp"
    android:layout_alignParentBottom="true"
    android:layout_marginTop="181dp"
    android:layout_marginBottom="10dp"
    android:text="TextView" />
</RelativeLayout>

It work correct in android version >5 but in android versions 4.1 - 4.4 i have an error and image not loaded:

java.security.cert.CertPathValidatorException: Trust anchor for certification path not found

1- How can i solve this error ?

2- I think that if i change tls to 1.1 it will work correct. now how can i force that to use tls 1.1 (important)?

It's a matter of sink or swim :) , please help me

Edit:

compileSdkVersion 28      
minSdkVersion 16 // It is important to be 16. I want to support android 4
targetSdkVersion 28
hossein ketabi
  • 480
  • 7
  • 19

2 Answers2

1

Repeated question probably , you will have to over ride it . check this post .

How to enable TLS 1.2 support in an Android application (running on Android 4.1 JB)

Alfeardo
  • 29
  • 5
1

If you have control over the server

The image link provided by OP has a broken certificate chain, and should instead focus on fixing that.

If you have no control over the server

If you are writing for Android 5 you can do the following to connect using TLSV1.1 forcefully. I'm assuming you are using GlideV4.0.0.0 or above, In your AppGlideModule.java:

@GlideModule
private class CustomGlideModule extends AppGlideModule {

    @Override
    public void registerComponents(Context context, Glide glide, Registry registry) {
    ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
        .tlsVersions(TlsVersion.TLS_1_1)
        .cipherSuites(
              CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
              CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
              CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256)
        .build();

    OkHttpClient client = new OkHttpClient.Builder()
        .connectionSpecs(Collections.singletonList(spec))
        .build();

    OkHttpUrlLoader.Factory factory = new OkHttpUrlLoader.Factory(client);

    glide.getRegistry().replace(GlideUrl.class, InputStream.class, factory);
}

Note: I have not tested the above code on any device and it may not work as is.

This will enable TLS V1.1 for all requests made from Glide, but will probably only work on Android 5+, I have not tested this for Kitkat.

If however you are stuck with Kitkat, you can create a CustomSocketFactory (follow @Alfeardo's link) enable TLSV1.1 and set the socket factory in either your Application or Activity

SSLContext sslcontext = SSLContext.getInstance("TLSv1.1");
sslcontext.init(null, null, null);
SSLSocketFactory customSocketFactory = new SecureTLSSocketFactory(sslcontext.getSocketFactory());

HttpsURLConnection.setDefaultSSLSocketFactory(customSocketFactory);

however this will enable TLSV1.1 for all requests made from your application and you'll lose any advantage you could of using the latest TLS version.

Note :

You might also want to take a look at Glide Docs: Certificate Pinning and Customizing Trusted Certificates. I have never used it and have little to no idea how they work.

Abbas
  • 3,529
  • 5
  • 36
  • 64