Comment on Android: Trusting SSL certificates by Pavel

Pavel — Mon, 06 Feb 2012 13:16:26 +0000

I really need it.

Comment on Android: Trusting SSL certificates by Pavel

Pavel — Mon, 06 Feb 2012 12:16:15 +0000

Please make me keystore for api.mymobigift.com

Comment on Android: Trusting SSL certificates by Maragues

Maragues — Tue, 10 Jan 2012 09:39:07 +0000

Thank you so much, you helped me not only to make my app work, but to understand all this SSL mess.

Comment on Meine Asia-Pacific Reise beginnt mit einem grossen Vogel by Philippe Schnyder

Philippe Schnyder — Mon, 02 Jan 2012 19:08:10 +0000

Hallo Antoine
Schön von dir zu hören. Der RSS-Feed funktioniert auf jeden Fall!
Freue mich schon auf mehr…

Comment on Android: Trusting SSL certificates by malarprathap

malarprathap — Fri, 09 Dec 2011 15:02:29 +0000

Hi,
I have tried above code but i got the following exception.

12-09 14:53:22.657: WARN/System.err(4667): 12-09 14:53:22.657: WARN/System.err(4667): 12-09 14:53:22.657: WARN/System.err(4667): 12-09 14:53:22.657: WARN/System.err(4667): 12-09 14:53:22.667: WARN/System.err(4667): 12-09 14:53:22.667: WARN/System.err(4667): 12-09 14:53:22.667: WARN/System.err(4667): 12-09 14:53:22.667: WARN/System.err(4667): 12-09 14:53:22.667: WARN/System.err(4667): 12-09 14:53:22.667: WARN/System.err(4667): 12-09 14:53:22.667: WARN/System.err(4667): 12-09 14:53:22.667: WARN/System.err(4667): 12-09 14:53:22.667: WARN/System.err(4667): 12-09 14:53:22.667: WARN/System.err(4667): 12-09 14:53:22.677: WARN/System.err(4667): 12-09 14:53:22.677: WARN/System.err(4667): 12-09 14:53:22.677: WARN/System.err(4667): 12-09 14:53:22.677: WARN/System.err(4667): 12-09 14:53:22.677: WARN/System.err(4667): 12-09 14:53:22.677: WARN/System.err(4667): 12-09 14:53:22.677: WARN/System.err(4667): 12-09 14:53:22.677: WARN/System.err(4667): 12-09 14:53:22.677: WARN/System.err(4667): 12-09 14:53:22.677: WARN/System.err(4667): 12-09 14:53:22.677: WARN/System.err(4667): 12-09 14:53:22.687: WARN/System.err(4667): 12-09 14:53:22.687: WARN/System.err(4667): 12-09 14:53:22.687: WARN/System.err(4667): 12-09 14:53:22.687: WARN/System.err(4667): 12-09 14:53:22.697: WARN/System.err(4667): 12-09 14:53:22.697: WARN/System.err(4667): 12-09 14:53:22.697: WARN/System.err(4667): 12-09 14:53:22.697: WARN/System.err(4667): javax.net.ssl.SSLException: Not trusted server certificate
at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:371)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:92)
at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:381)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:164)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:348)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)
at com.dev.env.RestJsonClient.connect(RestJsonClient.java:102)
at com.dev.env.HttpTestProjectActivity$1.onClick(HttpTestProjectActivity.java:32)
at android.view.View.performClick(View.java:2408)
at android.view.View$PerformClick.run(View.java:8816)
at android.os.Handler.handleCallback(Handler.java:587)
at android.os.Handler.dispatchMessage(Handler.java:92)
at android.os.Looper.loop(Looper.java:123)
at android.app.ActivityThread.main(ActivityThread.java:4627)
at java.lang.reflect.Method.invokeNative(Native Method)
at java.lang.reflect.Method.invoke(Method.java:521)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:868)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:626)
at dalvik.system.NativeStart.main(Native Method)
Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: IssuerName(CN=VeriSign Class 3 Public Primary Certification Authority – G5, OU=”(c) 2006 VeriSign, Inc. – For authorized use only”, OU=VeriSign Trust Network, O=”VeriSign, Inc.”, C=US) does not match SubjectName(CN=VeriSign Class 3 Extended Validation SSL CA, OU=Terms of use at https://www.verisign.com/rpa (c)06, OU=VeriSign Trust Network, O=”VeriSign, Inc.”, C=US) of signing certificate
at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:168)
at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:366)
… 22 more
Caused by: java.security.cert.CertPathValidatorException: IssuerName(CN=VeriSign Class 3 Public Primary Certification Authority – G5, OU=”(c) 2006 VeriSign, Inc. – For authorized use only”, OU=VeriSign Trust Network, O=”VeriSign, Inc.”, C=US) does not match SubjectName(CN=VeriSign Class 3 Extended Validation SSL CA, OU=Terms of use at https://www.verisign.com/rpa (c)06, OU=VeriSign Trust Network, O=”VeriSign, Inc.”, C=US) of signing certificate
at org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi.engineValidate(PKIXCertPathValidatorSpi.java:373)
at java.security.cert.CertPathValidator.validate(CertPathValidator.java:202)
at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:164)
… 23 more

Domain name : http://www.apptivo.com

how to resolve this issue?

Comment on Android: Trusting SSL certificates by MarchingHome

MarchingHome — Tue, 29 Nov 2011 16:17:36 +0000

You, sir, are my hero.

And hereby I ++ Anna’s comment.

Comment on Android: Trusting SSL certificates by ribben

ribben — Thu, 24 Nov 2011 22:03:52 +0000

Hello mate, excellent tutorial…

Please check this page’s root cert and intermediate
https://web.itc.auth.gr/PubCookie.reply

And also some noob question i get an error when i am trying to set HttpClient client = new MyHttpClient(getApplicationContext());

the getApplicationContext is the error…

I am eagerely waiting for your reply…
Once again thanks for the great tutorial!!!

Comment on Android: Trusting SSL certificates by Android Applications Download

Android Applications Download — Thu, 24 Nov 2011 14:28:58 +0000

I am not sure where you are getting your information, but good topic. I needs to spend some time studying more or figuring out more. Thanks for fantastic info I used to be searching for this info for my mission.

Comment on Android: Trusting SSL certificates by Anna

Anna — Wed, 23 Nov 2011 11:08:12 +0000

Thank you for a great post!

I had a problem with having a capital letter in “myKeystore.bks”. You might want to change the name in your article.

Comment on Android: Trusting SSL certificates by Antoine Hauck

Antoine Hauck — Thu, 10 Nov 2011 11:33:56 +0000

@Chris
When the imported (Root and Intermediate) certs expire, they need to be replaced with newer ones.

But AFAIK you must not deploy a new app, you could also implement a mechanism in your app to fetch a new keystore file or certificates and “install” them on the app. But I do not recommend this option due to security reasons.

Comments for Antoine Hauck's blog

Comment on Android: Trusting SSL certificates by Pavel

Comment on Android: Trusting SSL certificates by Pavel

Comment on Android: Trusting SSL certificates by Maragues

Comment on Meine Asia-Pacific Reise beginnt mit einem grossen Vogel by Philippe Schnyder

Comment on Android: Trusting SSL certificates by malarprathap

Comment on Android: Trusting SSL certificates by MarchingHome

Comment on Android: Trusting SSL certificates by ribben

Comment on Android: Trusting SSL certificates by Android Applications Download

Comment on Android: Trusting SSL certificates by Anna

Comment on Android: Trusting SSL certificates by Antoine Hauck