How to connect to private url with private ssl certificate

Question

I am trying to connect my android app to a url belonging to a private company in order to retrieve and send information. When I do so however I receive an error Trust anchor for certification path not found, the ssl certificate for the url is valid though, I did research and I used the following code I used to trust the certificate in a class Http TrustManager

         public class HttpsTrustManager {
public void trust() throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException {

    CertificateFactory cf = CertificateFactory.getInstance("X.509");

    InputStream caInput = new BufferedInputStream(new FileInputStream("load-der.crt"));
    Certificate ca;
    try {
        ca = cf.generateCertificate(caInput);
        out.println("ca=" + ((X509Certificate) ca).getSubjectDN());
    } finally {
        caInput.close();
    }

    String keyStoreType = KeyStore.getDefaultType();
    KeyStore keyStore = KeyStore.getInstance(keyStoreType);
    keyStore.load(null, null);
    keyStore.setCertificateEntry("ca", ca);

    String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
    TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
    tmf.init(keyStore);


    SSLContext context = null;
    try {
        context = SSLContext.getInstance("TLS");
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    }
    try {
        context.init(null, tmf.getTrustManagers(), null);
    } catch (KeyManagementException e) {
        e.printStackTrace();
    }

    // Tell the URLConnection to use a SocketFactory from our SSLContext
    URL url = new URL("https://systems.syspearl.com/api");
    HttpsURLConnection urlConnection =
            (HttpsURLConnection) url.openConnection();
    urlConnection.setSSLSocketFactory(context.getSocketFactory());
    InputStream in = urlConnection.getInputStream();
    IOUtils.copyStream(in,out);

}

And this is how I call it in the main activity

       new HttpsTrusrtManger().trust();

This doesn't work however. Please render necessary help

No I did not, I do have the certificate though In res/raw/my_ca, how would I load in place of load-Der.crt? — Bwalya, Sep 25 '19 at 09:01
You need to get the server certificate and store in assests folder or somewhere and then load it. Google for getting server certificate. Also there is whole documentation on android dev site using opnessl — Raghunandan, Sep 25 '19 at 09:02
I have the certificate in res file, how would I load it in place of load-Der.crt? — Bwalya, Sep 25 '19 at 09:03
https://stackoverflow.com/questions/15912825/how-to-read-file-from-res-raw-by-name — Raghunandan, Sep 25 '19 at 09:05
also in newer version you should follow https://developer.android.com/training/articles/security-config — Raghunandan, Sep 25 '19 at 09:10
When I use getResources in the class it says cannot resolve symbol 'get Resources' — Bwalya, Sep 25 '19 at 09:13
it needs a context. you need to pass context from somewhere. al;so if you use network config https://knowledge.digicert.com/solution/SO28771.html use opnssl and get the sha256 and add it in xml — Raghunandan, Sep 25 '19 at 09:14
It failed to work, I am still getting the same trust anchor error — Bwalya, Sep 28 '19 at 16:41
Is the certificate supposed to be added to android studio as an xml file? — Bwalya, Sep 28 '19 at 16:43

How to connect to private url with private ssl certificate

0 Answers0