Having a very similar issue... I really think we need to create some
form of a global keystore import app idealy... or, fix the
AllowAllHostnameVerifier() method at least. Im still digging to try
to make a successfully connection on an invalid cert...
On Oct 20, 3:59 am, vel <[EMAIL PROTECTED]> wrote:
> Here is a way to configure to the SSLContext
> TrustManager[] trustAllCerts = new TrustManager[] { new
> X509TrustManager()
> {
> public java.security.cert.X509Certificate[]
> getAcceptedIssuers()
> {
> return acceptedIssuers;
> }
>
> public void
> checkClientTrusted( java.security.cert.X509Certificate[] certs, String
> authType )
> {
> }
>
> public void
> checkServerTrusted( java.security.cert.X509Certificate[] certs, String
> authType )
> {
> }
> } };
>
> // Install the all-trusting trust manager
> try
> {
> sc = SSLContext.getInstance( "TLS" );
> sc.init( null, trustAllCerts, new
> java.security.SecureRandom() );
>
> HttpsURLConnection.setDefaultSSLSocketFactory( sc.getSocketFactory() );
> }
> catch( Exception e )
> {
> e.printStackTrace();
> }
>
> Still i am not able to connect to any https connection
> even though checkServerTrusted method is called...
>
> java.io.IOException: Hostname <sample.test.com was not verified
> can any one help me
>
> On Sep 24, 4:45 am, "Megha Joshi" <[EMAIL PROTECTED]> wrote:
>
>
>
> > It is recommended to build an application-specific keystore with only the
> > needed certificate(s) in it. If you have a specific server
> > certificate you want to trust, even if it isn't part of a complete chain,
> > put in into this store. Same for client certificates that might
> > be need for authenticating the client. In the client application, configure
> > the SSLContext appropriately. You could point either the key manager or the
> > trust manager to your application store. There's a method that allows to
> > load the keystore contents from a stream.
>
> > 2008/9/8 maennel <[EMAIL PROTECTED]>
>
> > > Hi all,
> > > I am trying to connect with Android to a server which I develop
> > > myself. Now it should be possible to connect to that server using an
> > > encrypted connection (namely HTTPS).
> > > As I do not use this application in a commercial way I don't want to
> > > invest money to buy a real certificate. So, I try to test the system
> > > using a test certificate from thawte on server side.
>
> > > What happens:
> > > Because the CA that signed this test certificate is not stored on
> > > Android, it simply rejects the certificate and does not connect to the
> > > server by stopping the handshake procedure by a TCP-Fin-Ack. I tried
> > > to connect to other, public secured servers and there the connection
> > > is established without any problem (tests done with HttpClient and
> > > HttpMethod).
>
> > > Is there any possibility to add the two certificates (test
> > > intermediate CA & test root CA) to the Android keystore in order to
> > > have an effect as if the certificate I use was a real one?
> > > Or does anybody knows if there are other possibilities to connect to
> > > test servers?
>
> > > Thank you for responding,
> > > maennel- Hide quoted text -
>
> - Show quoted text -
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
-~----------~----~----~----~------~----~------~--~---
