0

I'm working on Android application that call some web services from my server. I have created a Self-Signed Certificate from IIS to test calling APIs over https but failed with SSLPeerUnverifiedException exception.

I already ask a question on stackoverflow regarding this Call API on server that is signed using Self-Signed Certificate

After some digging and searching how to solve issue, I try the solution from following stackoverflow answer

When I try to read server certificate information using openssl I get following Certificate chain:

Certificate chain
 0 s:/CN=\x00S\x00S\x00_\x00C\x00E\x00M\x00_\x005\x00_\x004
   i:/CN=\x00S\x00S\x00_\x00C\x00E\x00M\x00_\x005\x00_\x004

My server name is SS_CEM_5_4, and above exception indicate that verifying host name failed.

Are these \x00 characters before each CN character is the problem, which lead to mismatch between certificate host name and server name?

I'm not sure what I'm doing wrong? Where should I start looking for the solution, generating certificate or my application?

Note: I create a new thread for this question to focus on certificate rather than my Android application.

Ebraheem
  • 603
  • 6
  • 24
  • 1
    "Are these \x00 characters before each CN character is the problem", yes they should not be there. It looks like some encoding error, like UTF-16 or something. How was the certificate generated in the first place? You do not say... – Patrick Mevzek Sep 03 '19 at 21:35
  • I generate certificate using `IIS` after generating it using `PowerShell New-SelfSignedCertificate` it worked successfully. For anyone who is facing same problem I will answer my [first question](https://stackoverflow.com/q/57760354/4496429) with details. – Ebraheem Sep 04 '19 at 06:38

0 Answers0