On Thu, Aug 4, 2011 at 1:06 AM, hhenne <[email protected]> wrote: > Hi, > > My first post to this list - I think. > > When calling a payment service (HTTPS) from an Android 2.3 (Google > Nexus S) mobile, I got an exception from validation of the server > certificate. It is a valid certificate - no problem when calling the > same service from an IPhone. >
Valid and trusted are two different things. If the Android trust store doesn't contain the issuer of the certificate, you will get an error. > It seems to be a well known problem - googling for it, gives a lot of > hits and also some suggestions how to solve it. I have tried a couple > of them without success. What have you tried? Basically you need to supply your own trust store containing the issuer of the server certificate (and any other certificates needed to form a full chain, if any) > Now I'm asking this forum, and hope somebody > will direct me to a working solution. It is OK, if it only works on > 2.3, and I really don't need the validation at all. > Are you sure you don't need the validation? Is it OK , if the payments go to a third-party server instead of yours/ your partner's? > W/System.err( 9056): Caused by: java.security.SignatureException: > Signature was not verified This actually sounds like a broken certificate, not a trust problem. Can you post it somewhere? -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
