1

I want to download an apk file from https://url . when i first tried downloading , it said

java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

so i searched internet and addd , network_secuirty_config.xml file .

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <domain-config>
        <domain includeSubdomains="true">companyName.in</domain>
        <trust-anchors>
            <certificates src="@raw/rapid"/>
        </trust-anchors>
        <domain-config cleartextTrafficPermitted="true">
            <domain includeSubdomains="true">phantom.companyName.in</domain>
        </domain-config>
    </domain-config>
</network-security-config>

Now the error is

Stop requested with status HTTP_DATA_ERROR: Hostname phantom.companyName.in not verified:

i have searched every where but couldn't find a way to resolve the error. This is my download manager request enqueue code.

//create download request
        DownloadManager.Request request = new DownloadManager.Request(uri);
        //allow types of network to download files
        request.setAllowedNetworkTypes(DownloadManager.Request.NETWORK_WIFI | DownloadManager.Request.NETWORK_MOBILE);
        request.setMimeType(FileUtils.getMimeType(uri.toString()));
        request.setTitle("Download");
        request.setDescription("Downloading File...");
        request.allowScanningByMediaScanner();
        request.setNotificationVisibility(DownloadManager.Request.VISIBILITY_VISIBLE_NOTIFY_COMPLETED);
                   request.setDestinationInExternalFilesDir(this, Environment.DIRECTORY_DOWNLOADS, "/" + filename);

        //get download service and enqueue file
        DownloadManager manager = (DownloadManager) getSystemService(DOWNLOAD_SERVICE);
        m_downloadID = manager.enqueue(request);

PS:- I have added an hostname verifier for normal https requests inside the application, This is how i send https requests.

Kotha Praneeth Sai
  • 77
  • 10
  • `DownloadManager` is doing its downloads through a separate system-supplied process. It is designed for downloading from public URLs using standard certificate authorities. I do not think that you can teach it about your self-signed or custom-CA-supplied certificate. Why not download the content yourself, if you have that configured in your app? – CommonsWare Nov 01 '20 at 12:46
  • I suppose I can use volley to download , but isn't download manager used to download things? like new apk update. it also shows the percentage of download in notification bar, but volley doesn't. – Kotha Praneeth Sai Nov 04 '20 at 04:38
  • "but isn't download manager used to download things?" -- public things with standard SSL/TLS configuration, yes. That does not fit your situation. – CommonsWare Nov 04 '20 at 11:36

0 Answers0