[android-developers] Android: Trusting all Certificates using HttpClient over HTTPS

Wed, 14 Apr 2010 22:11:49 -0700 

Hi all,

Trying to get HTTPS working with the HttpClient.  I can't seem to find
an example anywhere that works for me.  Basically, I want my client to
accept any certificate (because I'm only ever pointing to one server)
but I keep getting a javax.net.ssl.SSLException: Not trusted server
certificate exception.  So this is what I have:

    public void connect() throws A_WHOLE_BUNCH_OF_EXCEPTIONS {

        HttpPost post = new HttpPost(new URI(PROD_URL));
        post.setEntity(new StringEntity(BODY));

        KeyStore trusted = KeyStore.getInstance("BKS");
        trusted.load(null, "".toCharArray());
        SSLSocketFactory sslf = new SSLSocketFactory(trusted);
 
sslf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

        SchemeRegistry schemeRegistry = new SchemeRegistry();
        schemeRegistry.register(new Scheme ("https", sslf, 443));
        SingleClientConnManager cm = new
SingleClientConnManager(post.getParams(), schemeRegistry);

        HttpClient client = new DefaultHttpClient(cm, post.getParams());
        HttpResponse result = client.execute(post);
    }

And here's the error I'm getting:

    W/System.err(  901): javax.net.ssl.SSLException: Not trusted
server certificate
    W/System.err(  901):        at
org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:
360)
    W/System.err(  901):        at
org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:
92)
    W/System.err(  901):        at
org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:
321)
    W/System.err(  901):        at
org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:
129)
    W/System.err(  901):        at
org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:
164)
    W/System.err(  901):        at
org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:
119)
    W/System.err(  901):        at
org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:
348)
    W/System.err(  901):        at
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:
555)
    W/System.err(  901):        at
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:
487)
    W/System.err(  901):        at
org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:
465)
    W/System.err(  901):        at
me.harrisonlee.test.ssl.MainActivity.connect(MainActivity.java:129)
    W/System.err(  901):        at
me.harrisonlee.test.ssl.MainActivity.access$0(MainActivity.java:77)
    W/System.err(  901):        at me.harrisonlee.test.ssl.MainActivity
$2.run(MainActivity.java:49)
    W/System.err(  901): Caused by:
java.security.cert.CertificateException:
java.security.InvalidAlgorithmParameterException: the trust anchors
set is empty
    W/System.err(  901):        at
org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:
157)
    W/System.err(  901):        at
org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:
355)
    W/System.err(  901):        ... 12 more
    W/System.err(  901): Caused by:
java.security.InvalidAlgorithmParameterException: the trust anchors
set is empty
    W/System.err(  901):        at
java.security.cert.PKIXParameters.checkTrustAnchors(PKIXParameters.java:
645)
    W/System.err(  901):        at
java.security.cert.PKIXParameters.<init>(PKIXParameters.java:89)
    W/System.err(  901):        at
org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.<init>(TrustManagerImpl.java:
89)
    W/System.err(  901):        at
org.apache.harmony.xnet.provider.jsse.TrustManagerFactoryImpl.engineGetTrustManagers(TrustManagerFactoryImpl.java:
134)
    W/System.err(  901):        at
javax.net.ssl.TrustManagerFactory.getTrustManagers(TrustManagerFactory.java:
226)
    W/System.err(  901):        at
org.apache.http.conn.ssl.SSLSocketFactory.createTrustManagers(SSLSocketFactory.java:
263)
    W/System.err(  901):        at
org.apache.http.conn.ssl.SSLSocketFactory.<init>(SSLSocketFactory.java:
190)
    W/System.err(  901):        at
org.apache.http.conn.ssl.SSLSocketFactory.<init>(SSLSocketFactory.java:
216)
    W/System.err(  901):        at
me.harrisonlee.test.ssl.MainActivity.connect(MainActivity.java:107)
    W/System.err(  901):        ... 2 more

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

To unsubscribe, reply using "remove me" as the subject.

Reply via email to