
My current Android project requires access to protected RESTful API endpoints.

My organisation employs zScaler as its VPN and I need to test my prototype Android application on real devices.

I have zScaler installed on my work laptop and can successfully complete the API calls via the Postman desktop application.

However, having installed the zScaler Client Connector application, I am unable to make the same RESTful API calls from a real device.

I have successfully SSO signed in to the zScaler Client Connector application using my organisation's credentials and installed the zScaler SSL certificate.

When I attempt to make the API calls from a real device, I receive an SSL handshake exception or java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

My Android application supports these versions:

minSdkVersion 26
targetSdkVersion 30

Is it possible to employ the zScaler Client Connector application as a VPN on the Android versions above?

Where am I going wrong?

Hector
  • Did you take a look at this? https://developer.android.com/training/articles/security-ssl#CommonProblems – Mayur Gajra Sep 18 '21 at 10:02
  • Hi @Hector, any update? The error you seem to be getting is not related to your VPN. IMHO the VPN is working well. What you may be encountering is your application dealing with a self-signed certificate. – Paulo Sep 24 '21 at 09:32
  • There are a few ways to address this issue. The fastest one could be to disable SSL verification, however this is a big security breach!!! Or you could try to understand why your certificate is not verifiable. It is well explained here: https://stackoverflow.com/questions/6825226/trust-anchor-not-found-for-android-ssl-connection – Paulo Sep 24 '21 at 09:36
  • It's more to do with this BUG Google has created in its ill-thought-out attempt to increase security https://issuetracker.google.com/issues/168169729, actually producing an end result of users being more exposed now – Hector Sep 24 '21 at 10:24

0 Answers
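
An added example, not part of the original question or its comments: apps that target API 24 or higher do not trust user-installed CA certificates by default, so a root installed on the device by the user is ignored and the handshake fails with `Trust anchor for certification path not found`. Assuming that is the cause here (the page does not confirm it), a network security config can trust the user store in debuggable builds only, without disabling certificate validation; the file name below is the conventional one and is an assumption, not taken from the page.

```xml
<?xml version="1.0" encoding="utf-8"?>
<!--
  res/xml/network_security_config.xml (added example; file name is the
  conventional one, assumed here).

  Referenced from AndroidManifest.xml on the application element:
      android:networkSecurityConfig="@xml/network_security_config"
-->
<network-security-config>

    <!--
      Release behaviour: trust only the CA certificates that ship with the
      OS. This is already the platform default for targetSdkVersion 24+;
      it is written out so the difference from the debug block is visible.
    -->
    <base-config>
        <trust-anchors>
            <certificates src="system" />
        </trust-anchors>
    </base-config>

    <!--
      Applied only when the build is debuggable (android:debuggable="true").
      These anchors are added on top of base-config, so a CA the tester
      installed through device settings is accepted during development.
      Release builds never read this block, so production users are not
      exposed to whatever ends up in their user certificate store.
    -->
    <debug-overrides>
        <trust-anchors>
            <certificates src="user" />
        </trust-anchors>
    </debug-overrides>

</network-security-config>
```

Certificate chain and hostname verification still run in debug builds with this config; only the set of accepted root CAs is widened.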