3

I am facing a problem to call https from Android. Can any one please help with steps to connect to the https server.

I tried to connect to google with https and its working fine but when I try to connect to my local server, I am facing problems.

  1. want to connect a RESTful web service with https

  2. want to connect a SOAP based web service developed using JAX-WS with https.

  3. Code to connect with RESTFul

    HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;

DefaultHttpClient client = new DefaultHttpClient();

SchemeRegistry registry = new SchemeRegistry();
SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
registry.register(new Scheme("https", socketFactory, 443));
SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
DefaultHttpClient httpClient = new DefaultHttpClient(mgr, client.getParams());

// Set verifier     
HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);

// Example send http request
 //final String url = "https://encrypted.google.com/";
 final String url = "https://ipaddress:8181/RESTTest/cars";
 HttpPost httpPost = new HttpPost(url);
  try{
     HttpResponse response = httpClient.execute(httpPost);
     System.out.println(response);
 }catch(Exception e){
     e.printStackTrace();
 }

    its working fine for google but not working for my server and it's giving

    javax.net.ssl.SSLException: Not trusted server certificate

  4. Code for connect with SOAP:

    public String getString(final String methodName, Map<String, Object>        params)        throws     Exception {
HttpTransportSE httpsTransportSE = new         HttpTransportSE("https://ipaddress:8181/BankingWS/banking?wsdl");

try {
    SoapObject request = new SoapObject("https://test/",
            methodName);
    if(params != null && params.size() > 0){
        Set<String> keys = params.keySet();
        Iterator<String> iterator = keys.iterator();
        while(iterator.hasNext()){
            String key = iterator.next();
            request.addProperty(key, params.get(key));
            key = null;
        }
    }
    SoapSerializationEnvelope envelope = new SoapSerializationEnvelope(
            SoapEnvelope.VER11);
    envelope.setOutputSoapObject(request);

    TrustManagerManipulator.allowAllSSL();
    httpsTransportSE.call(methodName, envelope);

    SoapPrimitive sp = (SoapPrimitive) envelope.getResponse();

    return sp.toString();
} catch (Exception exception) {
    System.out.println(exception.toString());
    throw exception;
}
}

    In above code using the TrustManagerManipulator from following link: http://abhinavasblog.blogspot.com/2011/07/allow-untrusted-certificate-for-https.html

This is also not working and when I check the response code it's giving

SoapFault - faultcode: 'S:Client' faultstring: 'Cannot find dispatch method for {test.WSEndPointPort}authenticate' faultactor: 'null' detail: null

Please help to fix this problem, as I am not able to call https from Android by any way :(

Thank you very much for your time and efforts.

Thank you, Ishan

Vicky Kapadia
  • 6,025
  • 2
  • 24
  • 30
Ishan
  • 303
  • 2
  • 4
  • 11

1 Answers1

1

You need to create a X509TrustManager which bypass all the security check. You can find an example in this similar questions:

Make a connection to a HTTPS server from Java and ignore the validity of the security certificate

or

How to ignore SSL certificate errors in Apache HttpClient 4.0

Community
  • 1
  • 1
neteinstein
  • 17,529
  • 11
  • 93
  • 123
  • Hi NeTeInStEiN, Thank you for your reply. Let I check with it in my code. Thank you, – Ishan Dec 10 '11 at 16:49
  • 2
    @NeTeInStEiN if we ignore that does it break any security? Main purpose of using SSL is to secure your communication over the internet. By ignoring does it make any difference? – Scorpion Feb 14 '14 at 03:14