HTTPS Connection Problem with Android
7040 views
Skip to first unread message
gopi...@gmail.com
Mar 18, 2008, 8:33:55 AM3/18/08
to Android Developers
Hi,
i am trying to connect to server using Https connection, but i am
getting the "javax.net.ssl.SSLException: Not trusted server
certificate". i have code like this..
HttpClient client = new HttpClient();
HttpMethod method = new GetMethod("https://
openhandsetalliance.c4.ixwebhosting.com");
client.executeMethod(method);
System.out.println(method.getStatusLine());
a.setText("Ok"+method.getStatusLine());
method.releaseConnection();
Please help me if you have any idea to solve this...
Thanks & Regards
Gopi
i am trying to connect to server using Https connection, but i am
getting the "javax.net.ssl.SSLException: Not trusted server
certificate". i have code like this..
HttpClient client = new HttpClient();
HttpMethod method = new GetMethod("https://
openhandsetalliance.c4.ixwebhosting.com");
client.executeMethod(method);
System.out.println(method.getStatusLine());
a.setText("Ok"+method.getStatusLine());
method.releaseConnection();
Please help me if you have any idea to solve this...
Thanks & Regards
Gopi
justin morgenthau
Mar 18, 2008, 10:12:58 AM3/18/08
to Android Developers
HttpClient seems to be VERY picky about certificates. If you are
using a self-signed certificate, or a signed certificate that it
doesn't like for some reason (I suspect some protocols are only
partially implemented), then it rejects it altogether.
The only way I was able to get around it was by using
HttpsURLConnection instead of HttpClient, and setting a dummy
TrustManager before use. See code below. Hope this helps.
Justin Morgenthau
private static TrustManager[] trustManagers;
public static class _FakeX509TrustManager implements
javax.net.ssl.X509TrustManager {
private static final X509Certificate[] _AcceptedIssuers =
new X509Certificate[] {};
public void checkClientTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {
}
public boolean isClientTrusted(X509Certificate[] chain) {
return(true);
}
public boolean isServerTrusted(X509Certificate[] chain) {
return(true);
}
public X509Certificate[] getAcceptedIssuers() {
return(_AcceptedIssuers);
}
}
public static void allowAllSSL()
{
javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(new
HostnameVerifier(){
public boolean verify ( String hostname, SSLSession
session) {
return true;
}
});
javax.net.ssl.SSLContext context=null;
if(trustManagers == null) {
trustManagers = new javax.net.ssl.TrustManager[]{new
_FakeX509TrustManager()};
}
try
{
context = javax.net.ssl.SSLContext.getInstance("TLS");
context.init(null, trustManagers, new SecureRandom());
} catch (NoSuchAlgorithmException e)
{
Log.e("allowAllSSL", e.toString());
} catch (KeyManagementException e)
{
Log.e("allowAllSSL", e.toString());
}
javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
using a self-signed certificate, or a signed certificate that it
doesn't like for some reason (I suspect some protocols are only
partially implemented), then it rejects it altogether.
The only way I was able to get around it was by using
HttpsURLConnection instead of HttpClient, and setting a dummy
TrustManager before use. See code below. Hope this helps.
Justin Morgenthau
private static TrustManager[] trustManagers;
public static class _FakeX509TrustManager implements
javax.net.ssl.X509TrustManager {
private static final X509Certificate[] _AcceptedIssuers =
new X509Certificate[] {};
public void checkClientTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {
}
public boolean isClientTrusted(X509Certificate[] chain) {
return(true);
}
public boolean isServerTrusted(X509Certificate[] chain) {
return(true);
}
public X509Certificate[] getAcceptedIssuers() {
return(_AcceptedIssuers);
}
}
public static void allowAllSSL()
{
javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(new
HostnameVerifier(){
public boolean verify ( String hostname, SSLSession
session) {
return true;
}
});
javax.net.ssl.SSLContext context=null;
if(trustManagers == null) {
trustManagers = new javax.net.ssl.TrustManager[]{new
_FakeX509TrustManager()};
}
try
{
context = javax.net.ssl.SSLContext.getInstance("TLS");
context.init(null, trustManagers, new SecureRandom());
} catch (NoSuchAlgorithmException e)
{
Log.e("allowAllSSL", e.toString());
} catch (KeyManagementException e)
{
Log.e("allowAllSSL", e.toString());
}
javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
justin morgenthau
Mar 18, 2008, 10:14:37 AM3/18/08
to Android Developers
I should probably note that my solution above defeats much of the
security of using SSL, and should only be used for development or if
you really know what you're doing...
-Justin
On Mar 18, 10:12 am, justin morgenthau <justin.morgent...@gmail.com>
wrote:
security of using SSL, and should only be used for development or if
you really know what you're doing...
-Justin
On Mar 18, 10:12 am, justin morgenthau <justin.morgent...@gmail.com>
wrote:
gopikrishna B
Mar 19, 2008, 5:25:27 AM3/19/08
to android-d...@googlegroups.com
Hi,
i have tried with HttpsURLConnection, but i am not able to establish
the connection to the respective URL. what ever code you have given in
that where you are giving the url, and also you are not opening the
connection.
i have tried with HttpsURLConnection, but i am not able to establish
the connection to the respective URL. what ever code you have given in
that where you are giving the url, and also you are not opening the
connection.
Thanks & Regards
Gopi
gopi...@gmail.com
Mar 19, 2008, 7:25:04 AM3/19/08
to Android Developers
Hi Justin Morgenthau,
It's not problem with certificate. Why because it is working in java
application,
but when am trying with Android am getting exception like
javax.net.ssl.SSLException : Not trusted certificate.
Please give me clear idea that am strugguling alot to do this.
And more over am bit confused of youe code, why beacase am not having
that much knowledge
on SSL.
So please share your views on this.
Thanks & Regards,
Gopi.
On Mar 18, 7:12 pm, justin morgenthau <justin.morgent...@gmail.com>
wrote:
> javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
> > i am trying toconnectto server usingHttpsconnection, but i am
>
> - Show quoted text -
It's not problem with certificate. Why because it is working in java
application,
but when am trying with Android am getting exception like
javax.net.ssl.SSLException : Not trusted certificate.
Please give me clear idea that am strugguling alot to do this.
And more over am bit confused of youe code, why beacase am not having
that much knowledge
on SSL.
So please share your views on this.
Thanks & Regards,
Gopi.
On Mar 18, 7:12 pm, justin morgenthau <justin.morgent...@gmail.com>
wrote:
> > i am trying toconnectto server usingHttpsconnection, but i am
> > getting the "javax.net.ssl.SSLException: Not trusted server
> > certificate". i have code like this..
>
> > HttpClient client = new HttpClient();
> > HttpMethod method = new GetMethod("https://
> > openhandsetalliance.c4.ixwebhosting.com");
>
> > client.executeMethod(method);
> > System.out.println(method.getStatusLine());
> > a.setText("Ok"+method.getStatusLine());
> > method.releaseConnection();
>
> > Please help me if you have any idea to solve this...
>
> > Thanks & Regards
> > Gopi- Hide quoted text -
> > certificate". i have code like this..
>
> > HttpClient client = new HttpClient();
> > HttpMethod method = new GetMethod("https://
> > openhandsetalliance.c4.ixwebhosting.com");
>
> > client.executeMethod(method);
> > System.out.println(method.getStatusLine());
> > a.setText("Ok"+method.getStatusLine());
> > method.releaseConnection();
>
> > Please help me if you have any idea to solve this...
>
> > Thanks & Regards
>
> - Show quoted text -
justin morgenthau
Mar 19, 2008, 8:58:11 AM3/19/08
to Android Developers
I can't say why it works as a Java App and not in Android, but I have
seen similar behavior. A search on this forum for SSL willl turn up
discussions where it sounds like some types of certificate chains are
not fully supported in Android.
My code was adapted from here, you may be able to read through for
more info:
http://en.wikibooks.org/wiki/Programming:WebObjects/Web_Services/How_to_Trust_Any_SSL_Certificate
Making a call to allowAllSSL() sets up HttpsURLConnection so that all
new connections use the fake TrustManager, which allows any
certificate to be accepted. All subsequest connections using
HttpsURLConnection should work OK. Do a Google search for
HttpsURLConnection and you'll find plenty of examples.
-Justin
seen similar behavior. A search on this forum for SSL willl turn up
discussions where it sounds like some types of certificate chains are
not fully supported in Android.
My code was adapted from here, you may be able to read through for
more info:
http://en.wikibooks.org/wiki/Programming:WebObjects/Web_Services/How_to_Trust_Any_SSL_Certificate
Making a call to allowAllSSL() sets up HttpsURLConnection so that all
new connections use the fake TrustManager, which allows any
certificate to be accepted. All subsequest connections using
HttpsURLConnection should work OK. Do a Google search for
HttpsURLConnection and you'll find plenty of examples.
-Justin
gopikrishna B
Mar 21, 2008, 2:11:31 AM3/21/08
to android-d...@googlegroups.com
Hi,
Yes it is working, but i have to do this using org.apache.commons or org.apache.http packages. Can you tell me how to use your code using org.apache.commons package. I tried alot for setting that SSLScocketFactory and HostNameVerifier using HttpClient, but there are no specific methods to set these functionalities.
Please respond me if you have any idea on this.
Thanks & Regards,
Gopi.
Reply all
Reply to author
Forward
0 new messages