2

Since Android ICS we have problems to verify our certificates we are getting from the HttpsUrlConnection. In the earlier versions of android this was working well. This is what we are trying to do:

BrowserCompatHostnameVerifier hostNameVerifier = new BrowserCompatHostnameVerifier();
HttpsURLConnection.setDefaultHostnameVerifier(hostNameVerifier);
URL url = new URL(serverUrl);
this.urlConnection = (HttpsURLConnection) url.openConnection();
this.urlConnection.connect();
hostNameVerifier.verify(urlConnection.getURL().getHost(),
(X509Certificate) urlConnection.getServerCertificates()[0]);

The exception which is thrown is:

java.lang.IllegalStateException at libcore.net.http.HttpEngine.getCacheResponse(HttpEngine.java:412) at libcore.net.http.HttpsURLConnectionImpl$HttpUrlConnectionDelegate.getCacheResponse(HttpsURLConnectionImpl.java:390) at libcore.net.http.HttpsURLConnectionImpl.getServerCertificates(HttpsURLConnectionImpl.java:87)

Does somebody know what could have gone wrong and why it only persists since ICS?

Thanks!

----- Update ------- Now I made my own HostnameVerifier like this. I avoid the getServerCertificates()-method like this and it is working:

    public class MyHostNameVerifier implements HostnameVerifier {

    private String expectedHost;

    public MyHostNameVerifier(String expectedHost) {
        this.expectedHost = expectedHost;
    }

    @Override
    public boolean verify(String hostname, SSLSession session) {
        return expectedHost.equals(hostname);
    }
}
zubke
  • 33
  • 1
  • 6

1 Answers1

0

try to check out below links related to your problem.

http://developer.android.com/reference/javax/net/ssl/HttpsURLConnection.html

Android: HTTPS (SSL) connection using HttpsURLConnection

httpclient ssl certificate on android

KeyStore keyStore = ...;
 TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
 tmf.init(keyStore);
 SSLContext context = SSLContext.getInstance("TLS");
 context.init(null, tmf.getTrustManagers(), null);
 URL url = new URL("https://www.example.com/");
 HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection();
 urlConnection.setSSLSocketFactory(context.getSocketFactory());
 InputStream in = urlConnection.getInputStream();
Community
  • 1
  • 1
Maneesh
  • 6,098
  • 5
  • 36
  • 55
  • The links are not helping me. My problem is only related with Android 4. On 2 and 3 they are working. – zubke Dec 06 '11 at 12:50
  • I think they made some modification in ICS..pleease look at link http://android-developers.blogspot.com/2011/09/androids-http-clients.html – Maneesh Dec 06 '11 at 12:56