android - Loading self signed cert to HttpsUrlConnection breaks default CA cert validation -
android - Loading self signed cert to HttpsUrlConnection breaks default CA cert validation -
i'm trying load bks httpsurlconnection , next code worked, broke default ca cert validation other servers.
try { trustmanagerfactory tmf = trustmanagerfactory .getinstance(trustmanagerfactory.getdefaultalgorithm()); keystore ks = keystore.getinstance("bks"); inputstream in = ctw.getresources() .openrawresource(r.raw.bks); ks.load(in, "password".tochararray()); in.close(); tmf.init(ks); trustmanager[] tm = tmf.gettrustmanagers(); keymanagerfactory kmf = keymanagerfactory .getinstance(keymanagerfactory.getdefaultalgorithm()); kmf.init(ks, "password".tochararray()); sslcontext sc = sslcontext.getinstance("ssl"); sc.init(kmf.getkeymanagers(), tm, null); httpsurlconnection .setdefaulthostnameverifier(new hostnameverifier() { @override public boolean verify(string hostname, sslsession session) { homecoming true; } }); httpsurlconnection .setdefaultsslsocketfactory(sc.getsocketfactory()); } grab (exception e) { e.printstacktrace(); } the error is:
com.android.volley.noconnectionerror: javax.net.ssl.sslhandshakeexception: java.security.cert.certpathvalidatorexception: trust anchor certification path not found. i using volley library network requests. code wrong or should modifying volley library?
thanks.
what did create compositetrustmanager check multiple sources, both self-signed cert , default cas. that's hidden behind the trustmanagerbuilder api in my cwac-security library. utilize code like:
new trustmanagerbuilder(this) .selfsigned(r.raw.bks, "password".tochararray()) .or() .usedefault(); then phone call build() trustmanager[] handles both self-signed cert , default cas.
as stands, code replacing stock trustmanager[] 1 tied bks store.
another approach grab failure , retry connection lacks custom trustmanager[].
android ssl android-volley httpsurlconnection
Comments
Post a Comment