SSL Errors, Peer Certificate

[Evan Ruff]

Hey guys,

I've had a question over on StackOverflow about some SSL errors I'm getting intermittently from my Android Application. The problem seems to be popping up more often lately and I was hoping someone could give me some direction about what's happening and how to solve the error. My original StackOverflow question is here. 

To summarize, usually my communication over SSL to https://myversion-dot-myapp.appspot.com usually goes off without a hitch; however, a few times per day I will receive a javax.net.ssl.SSLPeerUnverifiedException: No peer certificate exception in my application logs. Does anyone have any idea what's going on with this? A few other folks have starred my question, so I guess others are seeing it as well. Is there a configuration issue I'm missing on Android?

Thanks,

E

[Vinny P]

On Wed, Jul 24, 2013 at 8:51 AM, Evan Ruff <evan...@gmail.com> wrote:

To summarize, usually my communication over SSL to https://myversion-dot-myapp.appspot.com usually goes off without a hitch; however, a few times per day I will receive a javax.net.ssl.SSLPeerUnverifiedException: No peer certificate exception in my application logs. Does anyone have any idea what's going on with this? A few other folks have starred my question, so I guess others are seeing it as well. Is there a configuration issue I'm missing on Android?

 

 

Hello Evan,

 

Can you try hardcoding the port, for example https://example.com:443/demonstration/path? Some Android builds can get a little bit "loose" with their understanding of HTTP.

 

Is there a specific Android OS version that is experiencing these problems, or does it appear to come from all versions?

 

 

-----------------

-Vinny P

Technology & Media Advisor

Chicago, IL

App Engine Code Samples: http://www.learntogoogleit.com

 

[Evan Ruff]

Hey Vinnie,

I only support 4.0+, and it seems to be coming from all flavors of 4.

I will update the address to reflect the port and push out a new version sometime this week. I'll report back after that.

Thanks for the suggestion!

E

--
You received this message because you are subscribed to a topic in the Google Groups "Google App Engine" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/google-appengine/gE8MAlWImgo/unsubscribe.
To unsubscribe from this group and all its topics, send an email to google-appengi...@googlegroups.com.
To post to this group, send email to google-a...@googlegroups.com.
Visit this group at http://groups.google.com/group/google-appengine.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

[Evan Ruff]

Hey guys,

Just updating this. I have released a new version of my application, pointed to the port as well, and am still getting these SSL errors ALL OVER the place... I'd say more frequently than before.

Any other ideas?

Thanks!

E

[Evan Ruff]

Hey guys,

These errors are still persisting. Any other ideas on how I could troubleshoot this? Is there any additional logging/variables/statistics I could record on the client or server to find out why I'm getting these errors?

Thanks!

E

[Evan Ruff]

Guys,

I'm on 1.9.1 now and am still getting a multiude of SSL errors when connecting from my Android Client to the dot qualified SSL domain. Some errors include:

javax.net.ssl.SSLException: Connection closed by peer

java.security.cert.CertPathValidatorException: Trust anchor for certification path not found

javax.net.ssl.SSLException: Write error: ssl=0x53602388: I/O error during system call, Broken pipe

java.io.IOException: Hostname 'myversion-dot-myapp.appspot.com' was not verified

I have migrated all of my connection logic to okHttp in an attempt to reduce any weirdness in my implementation patterns and the problem still persists. Has anyone else found anything like this or could give me an idea about how to prevent these exceptions from arising?

Thanks,

E