
I'm using the following code to verify the certificate chain, expiry date, domain name, trusted CA and principal signature of the server.

    SSLContext sslContext = CustomSSLContext.getSSLContext(mContext);
    SSLSocketFactory factory = sslContext.getSocketFactory();
    NetworkUtils.mSSLPrimarySocket = (SSLSocket) factory.createSocket(businessIp, businessPort);
    NetworkUtils.mSSLPrimarySocket.setEnabledProtocols(new String[]{"TLSv1.2"});
    // Enables every supported suite, not only the default-enabled ones
    NetworkUtils.mSSLPrimarySocket.setEnabledCipherSuites(
            sslContext.getServerSocketFactory().getSupportedCipherSuites());
    NetworkUtils.mSSLPrimarySocket.setUseClientMode(true);
    NetworkUtils.mSSLPrimarySocket.addHandshakeCompletedListener(
            new HandshakeCompletedListener() {
                public void handshakeCompleted(HandshakeCompletedEvent event) {
                    try {
                        Certificate[] chain = NetworkUtils.mSSLPrimarySocket.getSession().getPeerCertificates();
                        X509Certificate subject = (X509Certificate) chain[0]; // server (leaf) certificate
                        X509Certificate issuer = (X509Certificate) chain[1];
                        X509Certificate ca = (X509Certificate) chain[2];
                        Date certificateExpiryDate = subject.getNotAfter();
                        // Next steps: verify certificate chain, expiry date, domain name, trusted CA and principal signature
                        .
                        .
                        .
                    } catch (Exception e) {
                        Logger.log(e);
                    }
                }
            }
    );
    NetworkUtils.mSSLPrimarySocket.startHandshake();

I can assure you that the code works fine for the most part: it connects to the server and performs all the validation on completion of the handshake, but the problem arises when I exit my app and try to open the app again to create a new socket connection and perform the handshake.

    NetworkUtils.mSSLPrimarySocket.getSession().getPeerCertificates();

The above line inside the handshake-completed listener throws the following exception:

    javax.net.ssl.SSLPeerUnverifiedException: No peer Certificate

Aniruddh Parihar
  • Check this out: https://stackoverflow.com/questions/18126372/safely-fixing-javax-net-ssl-sslpeerunverifiedexception-no-peer-certificate – Wini Dec 03 '19 at 15:12
  • This link is irrelevant as I am using a TCP SSLSocket to establish a connection with the server and it fails only when I exit my application and try to reestablish the TCP connection. – Yogesh Dande Dec 03 '19 at 15:52
  • Don't enable all the supported cipher suites. That will add all the non-authenticating ones, which are insecure, and allow the server to not present a certificate, which is your problem. NB You don't need to verify the certificate chain or expiries yourself. JSSE already does all that. – user207421 Dec 04 '19 at 13:02
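
The cipher-suite point raised in the last comment, as an added example (not the asker's code and not part of the original thread): it keeps the default-enabled suites minus any anonymous, NULL or export ones and turns on host-name checking, so the handshake itself fails when the server presents no acceptable certificate. The class and method names are hypothetical, and it assumes the JVM's default `SSLContext` and that `setEndpointIdentificationAlgorithm` is available on the target platform.

```java
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;

// Hypothetical class name; added example, not code from the question.
public class AuthenticatedSuitesExample {

    // Drop suites with no server authentication (anon), no encryption (NULL)
    // or export-grade keys. Anonymous suites let a server skip its certificate.
    static String[] authenticatedOnly(String[] suites) {
        List<String> kept = new ArrayList<>();
        for (String s : suites) {
            if (!s.contains("_anon_") && !s.contains("_NULL_") && !s.contains("_EXPORT_")) {
                kept.add(s);
            }
        }
        return kept.toArray(new String[0]);
    }

    // Apply the restrictions before startHandshake() is called.
    static void harden(SSLSocket socket) {
        SSLParameters params = socket.getSSLParameters();
        params.setProtocols(new String[] {"TLSv1.2"});
        // Start from the default-enabled list, never from the supported list.
        params.setCipherSuites(authenticatedOnly(socket.getEnabledCipherSuites()));
        // SSLSocket does not check the host name unless an algorithm is set.
        params.setEndpointIdentificationAlgorithm("HTTPS");
        socket.setSSLParameters(params);
        socket.setUseClientMode(true);
    }

    public static void main(String[] args) throws Exception {
        SSLContext ctx = SSLContext.getDefault();
        // Unconnected socket, so the example runs without a network.
        try (SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket()) {
            String[] supported = socket.getSupportedCipherSuites();
            int rejected = supported.length - authenticatedOnly(supported).length;
            harden(socket);
            System.out.println("supported suites the filter rejects: " + rejected);
            System.out.println("suites enabled after hardening: "
                    + socket.getEnabledCipherSuites().length);
        }
    }
}
```

With these parameters set, `startHandshake()` throws when chain, expiry or host-name validation fails, so `getPeerCertificates()` can be read from the session after it returns.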
