Re: Android client - Restlet 2.0.15 - cannot connect with HTTPS/SSL - recoverable error 1001

[Alex]

Ok, it is as I was suspecting. The problem is that the certificate (having a
CNAME = www.mydomain.com, but being loaded from
https://mywebservice.elasticbeanstalk.com) seems to the Android client as
invalid, thus it doesn't even send the GET/POST request to the server.

I realized this when I send a POST method from the terminal (using "curl"),
ignoring the ssl verification warnings (-k option). This time the secure
connection responded as expected, sending back the json reply.

Based on Google's own Android documentation suggestion
(http://developer.android.com/training/articles/security-ssl.html#CommonHostnameProbs),
I tried to alter the HostnameVerifier method in order to get past the
certification validation. This is how my ClientResource is currently
created:

/public static ClientResource createClientResource(String resourceUri) {
                Reference reference = new Reference(resourceUri); 

                System.setProperty( "ssl.TrustManagerFactory.algorithm",
javax.net.ssl.KeyManagerFactory.getDefaultAlgorithm());
                
                org.restlet.Context context = new org.restlet.Context();
                
                context.getAttributes().put("hostnameVerifier", new 
HostnameVerifier() {

                        @Override
                        public boolean verify(String arg0, SSLSession arg1) {
                                return true;

                        }
                        
                });
                
                ClientResource resource = new ClientResource(context, 
reference);
                
                Engine.getInstance().getRegisteredClients().clear();
                Engine.getInstance().getRegisteredClients().add(new
HttpClientHelper(null)); 
                Engine.getInstance().getRegisteredConverters().add(0, new
JacksonConverter());

                resource.release();
                
                return resource;
        }/

But this doesn't work either, I still get the 1001 recoverable error. Still,
the Android client can't get past the "invalid" request.

I'd greatly appreciate any suggetions. :)

br,
Alex



--
View this message in context: 
http://restlet-discuss.1400322.n2.nabble.com/Android-client-Restlet-2-0-15-cannot-connect-with-HTTPS-SSL-recoverable-error-1001-tp7578771p7578778.html
Sent from the Restlet Discuss mailing list archive at Nabble.com.

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=3054928