android - Self Signed Certificate - Trust anchor not found -


edit: bnk in comments has linked solution found here.

i'm sending off post requests via rest backend server (over lan), done on https. server has self signed certificate .pem file, works okay.

i'm trying connect different web server (over wan, through dns), self signed certificate .crt file (standard, ber/der format). now, although code same, receiving following exception:

java.security.cert.certpathvalidatorexception: trust anchor certification path not found.

i'm not sure why 1 server okay connect other not. not want trust certificates going on public internet.

my network code:

public httpsurlconnection setuphttpsconnection(string urlstring) {     try     {         // load cas inputstream         certificatefactory cf = certificatefactory.getinstance("x.509");          inputstream cainput = new bufferedinputstream(context.getassets().open("server.crt"));         certificate ca = cf.generatecertificate(cainput);         system.out.println("ca=" + ((java.security.cert.x509certificate) ca).getsubjectdn());          // create keystore containing our trusted cas         string keystoretype = keystore.getdefaulttype();         keystore keystore = keystore.getinstance(keystoretype);         keystore.load(null, null);         keystore.setcertificateentry("ca", ca);          // create trustmanager trusts cas in our keystore         string tmfalgorithm = trustmanagerfactory.getdefaultalgorithm();         trustmanagerfactory tmf = trustmanagerfactory.getinstance(tmfalgorithm);         tmf.init(keystore);          // create sslcontext uses our trustmanager         sslcontext sslcontext = sslcontext.getinstance("tls");         sslcontext.init(null, tmf.gettrustmanagers(), null);          // create all-trusting host name verifier         //  avoid following :         //   java.security.cert.certificateexception: no name matching         // because java default verifies certificate cn (common name)         // same host name in url. if not, web service client fails.         hostnameverifier allhostsvalid = new hostnameverifier() {             @override             public boolean verify(string arg0, sslsession arg1) {                 return true;             }         };         // install         httpsurlconnection.setdefaulthostnameverifier(allhostsvalid);          // tell urlconnection use socketfactory our sslcontext         url url = new url(urlstring);         httpsurlconnection urlconnection = null;         urlconnection = (httpsurlconnection)url.openconnection();         urlconnection.setsslsocketfactory(sslcontext.getsocketfactory());          return urlconnection;     }     catch (exception ex)     {         log.e("networkmanager", "failed establish ssl connection server: " + ex.tostring());         return null;     } }  /**  * represents asynchronous login/registration task used authenticate  * user.  */ public class posttask extends asynctask<postrequest, void, stringbuilder> {     posttask()     {     }      @override     protected void onpreexecute() {}      @override     protected stringbuilder doinbackground(postrequest... params)     {         outputstream os = null;          try {             httpsurlconnection urlconnection = setuphttpsconnection(params[0].url);             //sets maximum time wait input stream read complete before giving up.             urlconnection.setreadtimeout(30000);             //sets maximum time in milliseconds wait while connecting.             urlconnection.setconnecttimeout(20000);             urlconnection.setrequestmethod("post");             urlconnection.setdoinput(true);             urlconnection.setdooutput(true);              urlencodedformentity formentity = new urlencodedformentity(params[0].namevaluepairs);             os = urlconnection.getoutputstream();             formentity.writeto(os);              inputstream in = urlconnection.getinputstream();             stringbuilder ret = inputstreamtostring(in);              return ret;          } catch (ioexception e) {             log.i("networkerror", e.tostring());         } catch (exception e) {          } {             if (os != null) {                 try {                     os.close();                 } catch (ioexception ex) {                 }             }         }                      return null;     }      @override     protected void onpostexecute(stringbuilder result) {     }      @override     protected void oncancelled() {     } }

if correctly understand idea "all trusting", hostname verifier in code, can refer following:

let's assume server app hosting inside iis has server certificate in "issued to" "localhost", example. then, inside verify method can verify "localhost". 

hostnameverifier hostnameverifier = new hostnameverifier() {     @override     public boolean verify(string hostname, sslsession session) {         hostnameverifier hv =             httpsurlconnection.getdefaulthostnameverifier();         return hv.verify("localhost", session);     } };

-

Comments

Post a Comment

Popular posts from this blog

c# - Binding a comma separated list to a List<int> in asp.net web api -

the default binder in web api expecst http://url.com/webapi/report/?pageids=3243&pageids=2365 to bind public ihttpactionresult report(list<int> pageids){ // exciting webapi code} i wish bind http://url.com/webapi/report/?pageids=3243,2365 as running out of space in url get . i have created class public class commaseparatedmodelbinder : system.web.http.modelbinding.imodelbinder { public bool bindmodel(httpactioncontext actioncontext, modelbindingcontext bindingcontext) { //binding in here } } and registered in webapiconfig.cs var provider = new simplemodelbinderprovider( typeof(list<int>), new commaseparatedmodelbinder()); config.services.insert(typeof(modelbinderprovider), 0, provider); i have altered method signature use model binder so public ihttpactionresult report( [modelbinder] list<int> pageids){ // exciting webapi code} however break point in binder not being ...
Read more

how to prompt save As Box in Excel Interlop c# MVC 4 -

i want export excel sheet using excel interloop... i have datatable convert excel sheet... now there way save file using save dialogue box in mvc 4 here code public string datatabletoexcel(datatable dt, string htmlheading, string key) { try { microsoft.office.interop.excel.application excel; microsoft.office.interop.excel.workbook excelworkbook; microsoft.office.interop.excel.worksheet excelsheet; microsoft.office.interop.excel.range excelcellrange; excel = new microsoft.office.interop.excel.application(); excel.visible = false; excel.displayalerts = false; excelworkbook = excel.workbooks.add(type.missing); excelsheet = (microsoft.office.interop.excel.worksheet)excelworkbook.activesheet; excelsheet.name = "sheet1"; dataset ...
Read more

xslt 1.0 - How to access or retrieve mets content of an item from another item? -

my use case have item has link in item. example, item 123456789/152 has metadata field dc.relation.hasversion=123456789/717 . within item view of 123456789/152 , how can retrieve values of metadata of 123456789/717 ? example, want retrieve dc.language.iso value of 123456789/717 123456789/152 . i looked @ related items feature in dspace don't know how metadata displayed in related items list pulled items in list. i using dspace version 5.3 mirage 2 theme . edit based on schweerelos answer, below actual code. using custom metadata field dc.relation.languageversion . basically, want link other version instead of displaying value, display dc.language.iso of other version in item-view.xsl . i've incorporated answer of schweerelos question in code just displaying value of dc.relation.languageversion . sample values of dc.relation.languageversion 10665.1/9843 ; 10665.1/9844 ie not complete uri handle. thanks in advance! actual code <xsl:template name=...
Read more