SSLHandshakeException: доверенная привязка для пути сертификации не найдена. Только на Android API <19
У меня проблемы с подключением https к серверу с самозаверяющим сертификатом на устройствах <api 19. Я следовал этому руководству, опубликованному android для доверия самоподписанным сертификатамAndroid SSL и, кажется, работает нормально со всеми устройствами api> 19, которые я тестировал. Как бы то ни было, я получаю ошибку «Доверительный якорь для пути сертификации не найден» до 19.
Я создал хранилище ключей, используя keytool, и, похоже, это не проблема, потому что он работает на некоторых устройствах.
Это мой код:
URL url_uri = new URL(url);
AssetManager am = context.getAssets();
InputStream caInput = am.open("certs/myCert.bks");
KeyStore keyStore;
try {
keyStore = KeyStore.getInstance("BKS");
char[] pass = "MyPassword".toCharArray();
keyStore.load(caInput, pass);
} finally {
caInput.close();
}
// Create a TrustManager that trusts the CAs in our KeyStore
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
// Create an SSLContext that uses our TrustManager
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
HttpsURLConnection urlConnection =
(HttpsURLConnection)url_uri.openConnection();
urlConnection.setSSLSocketFactory(context.getSocketFactory());
InputStream in = urlConnection.getInputStream();
BufferedReader reader = new BufferedReader(new InputStreamReader(in));
StringBuffer sb = new StringBuffer("");
String line = "";
String NL = System.getProperty("line.separator");
while ((line = reader.readLine()) != null){
sb.append(line + NL);
}
in.close();
JSON = sb.toString();
И вот ошибка logcat:
W/System.err: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
W/System.err: at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:374)
W/System.err: at libcore.net.http.HttpConnection.setupSecureSocket(HttpConnection.java:209)
W/System.err: at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.makeSslConnection(HttpsURLConnectionImpl.java:478)
W/System.err: at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:433)
W/System.err: at libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:289)
W/System.err: at libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:239)
W/System.err: at libcore.net.http.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:273)
W/System.err: at libcore.net.http.HttpURLConnectionImpl.getInputStream(HttpURLConnectionImpl.java:168)
W/System.err: at libcore.net.http.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:271)
W/System.err: at com.splunk.mint.network.http.MonitorableHttpsURLConnection.getInputStream(MonitorableHttpsURLConnection.java:73)
W/System.err: at com.w3is2.webservice.JsonConnect.connectSSL(JsonConnect.java:161)
W/System.err: at com.w3is2.webservice.JsonConnect.getFamilias(JsonConnect.java:482)
W/System.err: at com.w3is2.dat.biologia.ListaFamilias$DataLoader.doInBackground(ListaFamilias.java:137)
W/System.err: at com.w3is2.dat.biologia.ListaFamilias$DataLoader.doInBackground(ListaFamilias.java:124)
W/System.err: at android.os.AsyncTask$2.call(AsyncTask.java:287)
W/System.err: at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:305)
W/System.err: at java.util.concurrent.FutureTask.run(FutureTask.java:137)
W/System.err: at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:230)
W/System.err: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1076)
W/System.err: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:569)
W/System.err: at java.lang.Thread.run(Thread.java:856)W/System.err: Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
W/System.err: at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:192)
W/System.err: at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:163)
W/System.err: at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:573)
W/System.err: at org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSL_do_handshake(Native Method)
W/System.err: at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:371)
W/System.err: ... 20 more
W/System.err: Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
W/System.err: ... 25 more
W/System.err: org.json.JSONException: End of input at character 0 of
W/System.err: at org.json.JSONTokener.syntaxError(JSONTokener.java:450)
W/System.err: at org.json.JSONTokener.nextValue(JSONTokener.java:97)
W/System.err: at org.json.JSONObject.<init>(JSONObject.java:154)
W/System.err: at org.json.JSONObject.<init>(JSONObject.java:171)
W/System.err: at com.w3is2.webservice.JsonConnect.getFamilias(JsonConnect.java:488)
W/System.err: at com.w3is2.dat.biologia.ListaFamilias$DataLoader.doInBackground(ListaFamilias.java:137)
W/System.err: at com.w3is2.dat.biologia.ListaFamilias$DataLoader.doInBackground(ListaFamilias.java:124)
W/System.err: at android.os.AsyncTask$2.call(AsyncTask.java:287)
W/System.err: at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:305)
W/System.err: at java.util.concurrent.FutureTask.run(FutureTask.java:137)
W/System.err: at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:230)
W/System.err: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1076)
W/System.err: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:569)
W/System.err: at java.lang.Thread.run(Thread.java:856)