Android Studio: Server's certificate is not trusted

后端 未结 8 910
天命终不由人
天命终不由人 2021-02-03 19:28

Is it safe to ignore this warning? It shows up when I create a new project in Android Studio:

Server\'s certificate is not trusted

Certificate details

Issued T         


        
相关标签:
8条回答
  • 2021-02-03 19:34

    It is not safe to ignore that warning. Someone could be attempting a man-in-the-middle attack with a fake certificate in order to install malicious software on your computer through the update process. This probably isn't happening but it's always better to do things correctly when it comes to security.

    You should instead add root certificates you trust to the Android Studio keystore. The location and default password of the keystore should be listed at the bottom of that warning. For example, mine is at ~/Library/Caches/AndroidStudio/tasks/cacerts. Next you'll want to find the root certificate in the chain the server is presenting. Unfortunately the warning doesn't list the whole chain so it takes a little work to find it. The Google Internet Authority G2 certificate is the same one that is used to sign the certificates for google's sites. You can view the chain in Chrome by going to google.com, clicking on the green lock, then "Certificate Information" in the connection tab. At this point you can verify that the hashes in the warning match the hashes for the real G2 certificate. You'll also see that the root certificate is named Equifax Secure Certificate Authority. You can download it from https://www.geotrust.com/resources/root-certificates/. Next you'll need to add it to the keystore:

    keytool -import -alias equifaxca \
    -file Equifax_Secure_Certificate_Authority.pem -keystore cacerts
    

    Finally, restart Android Studio. That warning should not appear again until August 22, 2018 unless someone is actually presenting a fake certificate.

    0 讨论(0)
  • 2021-02-03 19:38

    Android Studio has a configuration for Server Certificates.

    Just Follow these steps --

    Go to File->Settings. In the Tools section select Server Certificates.

    Myself I just selected the Accept non-trusted certificates automatically check box, hit Apply and never had to deal with it.

    0 讨论(0)
  • 2021-02-03 19:39

    As of AndroidStudio 1.5.1 You can go to Preferences -> Tools -> Server Certificates and click the + button to manually add certificates that should be trusted.

    0 讨论(0)
  • 2021-02-03 19:49

    Android Studio has a configuration for Server Certificates (This works for other IntelliJ platforms like PyCharm as well)

    Go to File->Settings. In the IDE Settings section select Server Certificates

    Myself I just selected the Accept Automatically check box, hit Apply and never had to deal with it. If you are worried about security, there is also the option to add them 1 at a time as they come up.

    In my case I did this because I already had a *.google.com certificate configured as accepted, but I still got the popup. I suspect that the fingerprint changed and if I would have deleted and then accepted the error would have gone away, but I decided to just make it go away by selecting the check box.

    0 讨论(0)
  • 2021-02-03 19:49

    It is missing system certificate specific for Java. If you are using Ubuntu and Oracle JRE/JDK, install ca-certificates-java package.

    0 讨论(0)
  • 2021-02-03 19:52

    I followed the SELF_SIGNED_CERT_IN_CHAIN error a lot. Solving npm in node.js solves the certificate problem.

    npm config set cafile /path/to/cert.pem
    

    See below https://mmx5002.blogspot.com/2020/02/selfsignedcertinchain.html

    0 讨论(0)
提交回复
热议问题