On android 1.0 I tried to connect to my https server which uses a self- signed certificate: Here is my code, which uses a custom hostname verifier: /* Create and initialize HTTP parameters */ HttpParams params = new BasicHttpParams(); ConnManagerParams.setMaxTotalConnections(params, 2); HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
/* Create and initialize scheme registry */ SchemeRegistry schemeRegistry = new SchemeRegistry(); schemeRegistry.register(new Scheme("http", PlainSocketFactory .getSocketFactory(), 80)); SSLSocketFactory sslSocketFactory = SSLSocketFactory.getSocketFactory(); sslSocketFactory.setHostnameVerifier(new X509HostnameVerifier() { @Override public boolean verify(String host, SSLSession session) { return true; } @Override public void verify(String host, SSLSocket ssl) throws IOException { /* Nothing to do */ } @Override public void verify(String host, X509Certificate cert) throws SSLException { /* Nothing to do */ } @Override public void verify(String host, String[] cns, String[] subjectAlts) throws SSLException { /* Nothing to do */ } }); schemeRegistry.register(new Scheme("https", sslSocketFactory, 443)); /* Allow multiple threads (two in our case) to access the HTTP client */ ClientConnectionManager cm = new ThreadSafeClientConnManager(params, schemeRegistry); mHttpClient = new DefaultHttpClient(cm, params); try { HttpGet ping = new HttpGet(mConnectionManagerURL); HttpResponse response = mHttpClient.execute(ping); HttpEntity entity = response.getEntity(); if (entity != null) entity.consumeContent(); } catch (IOException ioe) { ioe.printStackTrace(); shutdown(); throw ioe; } catch (Exception e) { e.printStackTrace(); shutdown(); throw new IOException(e.getMessage()); } I have the following exception in stack trace: 10-17 13:46:23.484: ERROR/ubikim-streams(783): javax.net.ssl.SSLException: Not trusted server certificate 10-17 13:46:23.554: ERROR/ubikim-streams(783): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java: 353) 10-17 13:46:23.654: ERROR/ubikim-streams(783): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl $SSLInputStream.<init>(OpenSSLSocketImpl.java:491) 10-17 13:46:23.704: ERROR/ubikim-streams(783): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java: 432) 10-17 13:46:23.784: ERROR/ubikim-streams(783): at org.apache.http.impl.io.SocketInputBuffer.<init>(SocketInputBuffer.java: 93) 10-17 13:46:23.844: ERROR/ubikim-streams(783): at org.apache.http.impl.SocketHttpClientConnection.createSessionInputBuffer(SocketHttpClientConnection.java: 83) 10-17 13:46:23.894: ERROR/ubikim-streams(783): at org.apache.http.impl.conn.DefaultClientConnection.createSessionInputBuffer(DefaultClientConnection.java: 170) 10-17 13:46:23.944: ERROR/ubikim-streams(783): at org.apache.http.impl.SocketHttpClientConnection.bind(SocketHttpClientConnection.java: 106) 10-17 13:46:24.035: ERROR/ubikim-streams(783): at org.apache.http.impl.conn.DefaultClientConnection.openCompleted(DefaultClientConnection.java: 129) 10-17 13:46:24.085: ERROR/ubikim-streams(783): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java: 136) 10-17 13:46:24.135: ERROR/ubikim-streams(783): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java: 164) 10-17 13:46:24.185: ERROR/ubikim-streams(783): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java: 119) 10-17 13:46:24.275: ERROR/ubikim-streams(783): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java: 348) 10-17 13:46:24.325: ERROR/ubikim-streams(783): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java: 555) 10-17 13:46:24.375: ERROR/ubikim-streams(783): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java: 487) 10-17 13:46:24.425: ERROR/ubikim-streams(783): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java: 465) 10-17 13:46:24.504: ERROR/ubikim-streams(783): at com.ubikod.smackx.bosh.BoshSession.<init>(BoshSession.java:105) 10-17 13:46:24.554: ERROR/ubikim-streams(783): at com.ubikod.smackx.bosh.BoshSocket.<init>(BoshSocket.java:15) 10-17 13:46:24.594: ERROR/ubikim-streams(783): at com.ubikod.smackx.bosh.BoshSocketFactory.createSocket(BoshSocketFactory.java: 27) 10-17 13:46:24.644: ERROR/ubikim-streams(783): at org.jivesoftware.smack.XMPPConnection.connectUsingConfiguration(XMPPConnection.java: 818) 10-17 13:46:24.734: ERROR/ubikim-streams(783): at org.jivesoftware.smack.XMPPConnection.connect(XMPPConnection.java: 1276) 10-17 13:46:24.774: ERROR/ubikim-streams(783): at com.ubikod.android.ubikim.service.UbikIMService $1.run(UbikIMService.java:476) 10-17 13:46:24.844: ERROR/ubikim-streams(783): Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: TrustAnchor for CertPath not found. 10-17 13:46:24.945: ERROR/ubikim-streams(783): at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java: 158) 10-17 13:46:25.005: ERROR/ubikim-streams(783): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java: 349) 10-17 13:46:25.035: ERROR/ubikim-streams(783): ... 20 more 10-17 13:46:25.095: ERROR/ubikim-streams(783): Caused by: java.security.cert.CertPathValidatorException: TrustAnchor for CertPath not found. 10-17 13:46:25.205: ERROR/ubikim-streams(783): at org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi.engineValidate(PKIXCertPathValidatorSpi.java: 144) 10-17 13:46:25.245: ERROR/ubikim-streams(783): at java.security.cert.CertPathValidator.validate(CertPathValidator.java: 153) 10-17 13:46:25.305: ERROR/ubikim-streams(783): at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java: 154) 10-17 13:46:25.335: ERROR/ubikim-streams(783): ... 21 more The code of my custom hostname verifier is called, but another check fails later and I didn't find a way to override this behavior. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---