I am also looking for using custom keystore, do you know how generate and store cert and priv key in keystore programmatically ?
On Thu, Dec 10, 2009 at 4:12 PM, droidsan <droid...@googlemail.com> wrote: > Hello, > > Trying to set up a secure connection via SSL I get a SSL handshake > failure when the server requests the client certificate. The code > excerpt shown below (basically Apache's ClientCustomSSL.java example > extended to use custom keystore for client cert and to support BKS > keystores) works on my desktop PC but throws a handshake failure in > Android simulator. Is this a bug, do I miss to add something Android > specific or is it just a permission problem? > > Setup on PC: OS: openSuse 11.1, Java: SUN 1.6.0_17, openssl: 0.9.8h > Android SDK platform: 1.5_r3 revision 3 > ________________________________ > DefaultHttpClient httpclient = new DefaultHttpClient(); > > // [ ... ] lines for key- and truststore initialization omitted > > SSLSocketFactory socketFactory = new SSLSocketFactory(keyStore, > keyStorePassword ,trustStore); > > Scheme sch = new Scheme("https", socketFactory, 4433); > httpclient.getConnectionManager().getSchemeRegistry().register(sch); > > HttpGet httpget = new HttpGet("https://192.168.0.63:4433"); > > System.out.println("executing request" + httpget.getRequestLine()); > > // SSL handshake failure when executing next line > HttpResponse response = httpclient.execute(httpget); > > // [...] Remaining code omitted > _________________________________ > Logcat: > W/System.err( 1313): java.io.IOException: SSL handshake failure: > Failure in SSL library, usually a protocol error > W/System.err( 1313): error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 > alert handshake failure (external/openssl/ssl/s3_pkt.c:1053 > 0x2911c0:0x00000003) > _________________________________ > Server (openssl s_server [...] -Verify 1 > 21435:error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did > not return a certificate:s3_srvr.c:2514: > _________________________________ > > Thanks for you help > > Alex > > > > -- > You received this message because you are subscribed to the Google > Groups "Android Developers" group. > To post to this group, send email to android-developers@googlegroups.com > To unsubscribe from this group, send email to > android-developers+unsubscr...@googlegroups.com<android-developers%2bunsubscr...@googlegroups.com> > For more options, visit this group at > http://groups.google.com/group/android-developers?hl=en -- ...Swapnil || Hare Krishna Hare Krishna Krishna Krishna Hare Hare || || Hare Rama Hare Rama Rama Rama Hare Hare || -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en