Cannot upload file with SSL (https - self signed cert) - FileTransfer.upload
3,194 views
Skip to first unread message
LucyJp
Mar 27, 2012, 10:44:29 AM3/27/12
to phonegap
Hi, I can upload files with HTTP but using HTTPS (self signed cert),
getting "anchor for certification path not found error". PhoneGap API
for FileTransfer page mentioned that "Both HTTP and HTTPS protocols
are supported."
Could we uplodad file using self signed certificate?
How do I fix this?
• PhoneGap Error code is FileTransferError.CONNECTION_ERR
• PhoneGap version: 1.2.0
• Created a keystore with a single self-certified certificate using
java keytool.exe
• Devices - Samsung galaxy tablet 10.1, version Android 3 .1, and iOS
5.1 iPhone 3GS
Exception:
03-26 17:40:09.460: ERROR/FileUploader(2431):
java.security.cert.CertPathValidatorException: Trust anchor for
certification path not found.
03-26 17:40:09.460: ERROR/FileUploader(2431):
javax.net.ssl.SSLHandshakeException:
java.security.cert.CertPathValidatorException: Trust anchor for
certification path not found.
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:
488)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:
323)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.luni.internal.net.www.protocol.http.HttpConnection.setupSecureSocket(HttpConnection.j...
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnectionImpl
$HttpsEngine.makeSslConnec...
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnectionImpl
$HttpsEngine.makeConnectio...
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.connect(HttpURLConnectionIm...
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.getOutputStream(HttpURLConn...
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLC...
03-26 17:40:09.460: ERROR/FileUploader(2431): at
com.phonegap.FileTransfer.upload(FileTransfer.java:285)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
com.phonegap.FileTransfer.execute(FileTransfer.java:98)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
com.phonegap.api.PluginManager$1.run(PluginManager.java:145)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
java.lang.Thread.run(Thread.java:1020)
03-26 17:40:09.460: ERROR/FileUploader(2431): Caused by:
java.security.cert.CertificateException:
java.security.cert.CertPathValidatorException: Trust anchor for
certification path not found.
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:
170)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:
132)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:
681)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSL_do_handshake(Native
Method)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:
485)
03-26 17:40:09.460: ERROR/FileUploader(2431): ... 11 more
03-26 17:40:09.460: ERROR/FileUploader(2431): Caused by:
java.security.cert.CertPathValidatorException: Trust anchor for
certification path not found.
03-26 17:40:09.460: ERROR/FileUploader(2431): at
com.android.org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi.engineValidate(PKIXCertPathValidatorSpi.java:
160)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
java.security.cert.CertPathValidator.validate(CertPathValidator.java:
191)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:
157)
03-26 17:40:09.460: ERROR/FileUploader(2431): ... 15 more
03-26 17:40:12.350: ERROR/Controller(777): ** updateScreenshot :
orgUrl is NOT null..
Thank you
getting "anchor for certification path not found error". PhoneGap API
for FileTransfer page mentioned that "Both HTTP and HTTPS protocols
are supported."
Could we uplodad file using self signed certificate?
How do I fix this?
• PhoneGap Error code is FileTransferError.CONNECTION_ERR
• PhoneGap version: 1.2.0
• Created a keystore with a single self-certified certificate using
java keytool.exe
• Devices - Samsung galaxy tablet 10.1, version Android 3 .1, and iOS
5.1 iPhone 3GS
Exception:
03-26 17:40:09.460: ERROR/FileUploader(2431):
java.security.cert.CertPathValidatorException: Trust anchor for
certification path not found.
03-26 17:40:09.460: ERROR/FileUploader(2431):
javax.net.ssl.SSLHandshakeException:
java.security.cert.CertPathValidatorException: Trust anchor for
certification path not found.
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:
488)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:
323)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.luni.internal.net.www.protocol.http.HttpConnection.setupSecureSocket(HttpConnection.j...
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnectionImpl
$HttpsEngine.makeSslConnec...
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnectionImpl
$HttpsEngine.makeConnectio...
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.connect(HttpURLConnectionIm...
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.luni.internal.net.www.protocol.http.HttpURLConnectionImpl.getOutputStream(HttpURLConn...
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLC...
03-26 17:40:09.460: ERROR/FileUploader(2431): at
com.phonegap.FileTransfer.upload(FileTransfer.java:285)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
com.phonegap.FileTransfer.execute(FileTransfer.java:98)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
com.phonegap.api.PluginManager$1.run(PluginManager.java:145)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
java.lang.Thread.run(Thread.java:1020)
03-26 17:40:09.460: ERROR/FileUploader(2431): Caused by:
java.security.cert.CertificateException:
java.security.cert.CertPathValidatorException: Trust anchor for
certification path not found.
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:
170)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:
132)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:
681)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSL_do_handshake(Native
Method)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:
485)
03-26 17:40:09.460: ERROR/FileUploader(2431): ... 11 more
03-26 17:40:09.460: ERROR/FileUploader(2431): Caused by:
java.security.cert.CertPathValidatorException: Trust anchor for
certification path not found.
03-26 17:40:09.460: ERROR/FileUploader(2431): at
com.android.org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi.engineValidate(PKIXCertPathValidatorSpi.java:
160)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
java.security.cert.CertPathValidator.validate(CertPathValidator.java:
191)
03-26 17:40:09.460: ERROR/FileUploader(2431): at
org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:
157)
03-26 17:40:09.460: ERROR/FileUploader(2431): ... 15 more
03-26 17:40:12.350: ERROR/Controller(777): ** updateScreenshot :
orgUrl is NOT null..
Thank you
Simon MacDonald
Mar 27, 2012, 10:56:54 AM3/27/12
to phon...@googlegroups.com
There is an undocumented parameter in FileTransfer.upload to allow
self signed certs.
self signed certs.
FileTransfer.upload(filePath, server, successCallback,
errorCallback, options, debug);
Set debug = true and you will be able to do you upload.
Simon Mac Donald
http://hi.im/simonmacdonald
> --
> You received this message because you are subscribed to the Google
> Groups "phonegap" group.
> To post to this group, send email to phon...@googlegroups.com
> To unsubscribe from this group, send email to
> phonegap+u...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/phonegap?hl=en?hl=en
>
> For more info on PhoneGap or to download the code go to www.phonegap.com
LucyJp
Mar 27, 2012, 11:09:27 AM3/27/12
to phonegap
Hi Simon,
It worked!! I was able to upload file!!
Thank you so much!
On Mar 27, 10:56 am, Simon MacDonald <simon.macdon...@gmail.com>
wrote:
It worked!! I was able to upload file!!
Thank you so much!
On Mar 27, 10:56 am, Simon MacDonald <simon.macdon...@gmail.com>
wrote:
> There is an undocumented parameter in FileTransfer.upload to allow
> self signed certs.
>
> FileTransfer.upload(filePath, server, successCallback,
> errorCallback, options, debug);
>
> Set debug = true and you will be able to do you upload.
>
> Simon Mac Donaldhttp://hi.im/simonmacdonald
> self signed certs.
>
> FileTransfer.upload(filePath, server, successCallback,
> errorCallback, options, debug);
>
> Set debug = true and you will be able to do you upload.
>
LucyJp
Mar 27, 2012, 11:16:48 AM3/27/12
to phonegap
Hi Simon,
Will it be safe to keep debug=true for production?
Thank you
Will it be safe to keep debug=true for production?
Thank you
Simon MacDonald
Mar 27, 2012, 11:19:51 AM3/27/12
to phon...@googlegroups.com
Personally, I don't think you should used self signed certificates in
a production environment so my answer would be no. When you deploy for
real and your server has a valid certificate you can remove the
debug=true and you will be able to upload to a server with a cert from
a valid certificate authority.
a production environment so my answer would be no. When you deploy for
real and your server has a valid certificate you can remove the
debug=true and you will be able to upload to a server with a cert from
a valid certificate authority.
Simon Mac Donald
http://hi.im/simonmacdonald
BrianH
Apr 8, 2012, 6:00:32 PM4/8/12
to phon...@googlegroups.com
I'm having an issue uploading to https destination as well, and I do have a valid certificate. It's a domain certificate from GoDaddy which seemed to satisfy Facebook app requirements... but is that not "good enough" or am I missing something else? The debug option doesn't seem to work for me either, so maybe my problem lies elsewhere. I am able to post other data to https (via jquery ajax functions). I'll continue my search, but any ideas would be appreciated!
Thanks,
Brian
Thanks,
Brian
>> > > For more options, visit this group at
>> > >http://groups.google.com/group/phonegap?hl=en?hl=en
>>
>> > > For more info on PhoneGap or to download the code go towww.phonegap.com
>
> --
> You received this message because you are subscribed to the Google
> Groups "phonegap" group.
> To post to this group, send email to phon...@googlegroups.com
> To unsubscribe from this group, send email to
Brian Holub
Apr 8, 2012, 7:01:29 PM4/8/12
to phon...@googlegroups.com
I'm also having issues uploading to an https destination, but I am using a valid certificate from GoDaddy. Any thoughts to what else could be causing this problem? The error code is "3" and http works fine. It seems to take it's time, as if it's uploading the whole file and then claiming to fail.
Any ideas or help would be greatly appreciated!
Brian Holub
Apr 8, 2012, 9:38:14 PM4/8/12
to phon...@googlegroups.com
Sorry for the double post. The groups UI confused me and said "this message was deleted" when it was really just pending approval.
Anyway, I noticed on my android phone that it complains about the certificate when it hit the server in the browser: https://api.wodtogether.com -- while it seems to work without certificate errors on my desktop browsers, android gives me "the name of the site does not match the name on the certificate" --- what Find extra strange though, is that when I ask to view cert details, it tells me validity is between 1/26/2012 and 1/25/2013... when my cert is for 4/8/2012 - 4/8/2015 (when viewed in Firefox on my laptop).
Brian Holub
Apr 8, 2012, 10:49:43 PM4/8/12
to phon...@googlegroups.com
I may be chasing several issues, not sure if they're related yet. But I was able to "fix" the cert error on the android browser. After coming across this:
http://code.google.com/p/android/issues/detail?id=10016 --- i reconfigured apache so that api.wodtogether.com was the first named vhost with an SSL cert. So now I can hit https://api.wodtogether.com on the stock android browser without a certificate error. Still no luck on uploading a picture though.
kaore
May 11, 2012, 10:22:06 AM5/11/12
to phon...@googlegroups.com
I had the same problem. On my server, I had two valid certificates (the first for cibul.net, the second for api.cibul.net). When trying to get data from https://api.cibul.net/ping from the phonegap app in the simulator, I had my response well enough. But nothing when trying the same app on an android device (Galaxy S - 2.1 or Galaxy Tab - 2.2)...
Putting the api.cibul.net VirtualHost before all other secure vhost references in the apache config solved the problem... But now when I load https://cibul.net from my phone browser I get the Untrusted Certificate warning.. I really don't understand why, but the browser does seem to pick the first certificate from the apache conf regardless what vhost is being requested.
Thx to Brian Holub whose post surely saved me some more hours of struggle.
Reply all
Reply to author
Forward
0 new messages