SSLHandshakeException: Trust anchor for certification path not found. Only on Android API < 19

那年仲夏 提交于 2020-01-01 05:21:47

问题


I'm having issues with the https connection to a server with a self signed certificate on devices < api 19. I followed this guide published by android for trusting self-signed certifcates Android SSL and it seems to work fine with all the api>19 devices i tested. How ever i keep getting the "Trust anchor for certification path not found" error on pre 19.

I've created the keystore using keytool and doesn't seem to be the problem because is working on some devices.

This is my code:

        URL url_uri = new URL(url);
        AssetManager am = context.getAssets();
        InputStream caInput = am.open("certs/myCert.bks");
        KeyStore keyStore;
        try {
            keyStore = KeyStore.getInstance("BKS");
            char[] pass = "MyPassword".toCharArray();
            keyStore.load(caInput, pass);
        } finally {
            caInput.close();
        }

        // Create a TrustManager that trusts the CAs in our KeyStore
        String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
        tmf.init(keyStore);

        // Create an SSLContext that uses our TrustManager
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, tmf.getTrustManagers(), null);

        HttpsURLConnection urlConnection =
                (HttpsURLConnection)url_uri.openConnection();
        urlConnection.setSSLSocketFactory(context.getSocketFactory());

        InputStream in = urlConnection.getInputStream();
        BufferedReader reader = new BufferedReader(new InputStreamReader(in));
        StringBuffer sb = new StringBuffer("");
        String line = "";

        String NL = System.getProperty("line.separator");
        while ((line = reader.readLine()) != null){
            sb.append(line + NL);
        }
        in.close();
        JSON = sb.toString();

And here is the logcat error:

W/System.err: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
W/System.err:     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:374)
W/System.err:     at libcore.net.http.HttpConnection.setupSecureSocket(HttpConnection.java:209)
W/System.err:     at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.makeSslConnection(HttpsURLConnectionImpl.java:478)
W/System.err:     at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:433)
W/System.err:     at libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:289)
W/System.err:     at libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:239)
W/System.err:     at libcore.net.http.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:273)
W/System.err:     at libcore.net.http.HttpURLConnectionImpl.getInputStream(HttpURLConnectionImpl.java:168)
W/System.err:     at libcore.net.http.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:271)
W/System.err:     at com.splunk.mint.network.http.MonitorableHttpsURLConnection.getInputStream(MonitorableHttpsURLConnection.java:73)
W/System.err:     at com.w3is2.webservice.JsonConnect.connectSSL(JsonConnect.java:161)
W/System.err:     at com.w3is2.webservice.JsonConnect.getFamilias(JsonConnect.java:482)
W/System.err:     at com.w3is2.dat.biologia.ListaFamilias$DataLoader.doInBackground(ListaFamilias.java:137)
W/System.err:     at com.w3is2.dat.biologia.ListaFamilias$DataLoader.doInBackground(ListaFamilias.java:124)
W/System.err:     at android.os.AsyncTask$2.call(AsyncTask.java:287)
W/System.err:     at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:305)
W/System.err:     at java.util.concurrent.FutureTask.run(FutureTask.java:137)
W/System.err:     at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:230)
W/System.err:     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1076)
W/System.err:     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:569)
W/System.err:     at java.lang.Thread.run(Thread.java:856)W/System.err: Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
W/System.err:     at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:192)
W/System.err:     at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:163)
W/System.err:     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:573)
W/System.err:     at org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSL_do_handshake(Native Method)
W/System.err:     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:371)
W/System.err:   ... 20 more
W/System.err: Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
W/System.err:   ... 25 more
W/System.err: org.json.JSONException: End of input at character 0 of 
W/System.err:     at org.json.JSONTokener.syntaxError(JSONTokener.java:450)
W/System.err:     at org.json.JSONTokener.nextValue(JSONTokener.java:97)
W/System.err:     at org.json.JSONObject.<init>(JSONObject.java:154)
W/System.err:     at org.json.JSONObject.<init>(JSONObject.java:171)
W/System.err:     at com.w3is2.webservice.JsonConnect.getFamilias(JsonConnect.java:488)
W/System.err:     at com.w3is2.dat.biologia.ListaFamilias$DataLoader.doInBackground(ListaFamilias.java:137)
W/System.err:     at com.w3is2.dat.biologia.ListaFamilias$DataLoader.doInBackground(ListaFamilias.java:124)
W/System.err:     at android.os.AsyncTask$2.call(AsyncTask.java:287)
W/System.err:     at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:305)
W/System.err:     at java.util.concurrent.FutureTask.run(FutureTask.java:137)
W/System.err:     at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:230)
W/System.err:     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1076)
W/System.err:     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:569)
W/System.err:     at java.lang.Thread.run(Thread.java:856)

来源:https://stackoverflow.com/questions/36472463/sslhandshakeexception-trust-anchor-for-certification-path-not-found-only-on-an

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!