I have been trying to do this for 2 days now and I just can't get it to work.
I have a real certificate signed by COMODO, which itself is signed by USERTrust. But when I try to connect to my domain, this is what I get:
javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
The code I use for this:
public void postData() { // Add your data try { HttpPost post = new HttpPost(new URI("https://example.com")); KeyStore trusted = KeyStore.getInstance("BKS"); trusted.load(null, "".toCharArray()); SSLSocketFactory sslf = new SSLSocketFactory(trusted); sslf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); SchemeRegistry schemeRegistry = new SchemeRegistry(); schemeRegistry.register(new Scheme ("https", sslf, 443)); SingleClientConnManager cm = new SingleClientConnManager(post.getParams(), schemeRegistry); HttpClient client = new DefaultHttpClient(cm, post.getParams()); // Execute HTTP Post Request @SuppressWarnings("unused") HttpResponse result = client.execute(post); } catch (ClientProtocolException e) { // TODO Auto-generated catch block Log.e(TAG,e.getMessage()); Log.e(TAG,e.toString()); e.printStackTrace(); } catch (IOException e) { // TODO Auto-generated catch block Log.e(TAG,e.getMessage()); Log.e(TAG,e.toString()); e.printStackTrace(); } catch (URISyntaxException e) { // TODO Auto-generated catch block Log.e(TAG,e.getMessage()); Log.e(TAG,e.toString()); e.printStackTrace(); } catch (KeyStoreException e) { // TODO Auto-generated catch block Log.e(TAG,e.getMessage()); Log.e(TAG,e.toString()); e.printStackTrace(); } catch (NoSuchAlgorithmException e) { // TODO Auto-generated catch block Log.e(TAG,e.getMessage()); Log.e(TAG,e.toString()); e.printStackTrace(); } catch (CertificateException e) { // TODO Auto-generated catch block e.printStackTrace(); Log.e(TAG,e.toString()); Log.e(TAG,e.getMessage()); } catch (KeyManagementException e) { // TODO Auto-generated catch block Log.e(TAG,e.getMessage()); Log.e(TAG,e.toString()); e.printStackTrace(); } catch (UnrecoverableKeyException e) { // TODO Auto-generated catch block Log.e(TAG,e.getMessage()); Log.e(TAG,e.toString()); e.printStackTrace(); } }
I tried both my domain and https://google.com . They both return the same. And here is the stack:
02-01 10:24:30.067: W/System.err(15560): javax.net.ssl.SSLPeerUnverifiedException: No peer certificate 02-01 10:24:30.088: W/System.err(15560): at org.apache.harmony.xnet.provider.jsse.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:258) 02-01 10:24:30.098: W/System.err(15560): at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:93) 02-01 10:24:30.098: W/System.err(15560): at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:381) 02-01 10:24:30.108: W/System.err(15560): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:164) 02-01 10:24:30.108: W/System.err(15560): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164) 02-01 10:24:30.128: W/System.err(15560): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119) 02-01 10:24:30.138: W/System.err(15560): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:359) 02-01 10:24:30.148: W/System.err(15560): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555) 02-01 10:24:30.158: W/System.err(15560): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487) 02-01 10:24:30.158: W/System.err(15560): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465) 02-01 10:24:30.178: W/System.err(15560): at com.example.Preferences.postData(Preferences.java:103) 02-01 10:24:30.178: W/System.err(15560): at com.example.Preferences.onCreate(Preferences.java:52) 02-01 10:24:30.178: W/System.err(15560): at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1072) 02-01 10:24:30.178: W/System.err(15560): at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:1836) 02-01 10:24:30.178: W/System.err(15560): at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:1893) 02-01 10:24:30.178: W/System.err(15560): at android.app.ActivityThread.access$1500(ActivityThread.java:135) 02-01 10:24:30.178: W/System.err(15560): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1054) 02-01 10:24:30.178: W/System.err(15560): at android.os.Handler.dispatchMessage(Handler.java:99) 02-01 10:24:30.178: W/System.err(15560): at android.os.Looper.loop(Looper.java:150) 02-01 10:24:30.178: W/System.err(15560): at android.app.ActivityThread.main(ActivityThread.java:4385) 02-01 10:24:30.188: W/System.err(15560): at java.lang.reflect.Method.invokeNative(Native Method) 02-01 10:24:30.188: W/System.err(15560): at java.lang.reflect.Method.invoke(Method.java:507) 02-01 10:24:30.188: W/System.err(15560): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:849) 02-01 10:24:30.188: W/System.err(15560): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:607)
Also, looking through the logs, I found that I consider the error that causes this:
02-01 10:44:13.122: W/System.err(15746): Catch exception while startHandshake: javax.net.ssl.SSLHandshakeException: java.security.InvalidAlgorithmParameterException: trustAnchors.isEmpty() 02-01 10:44:13.122: W/System.err(15746): return an invalid session with invalid cipher suite of SSL_NULL_WITH_NULL_NULL
During these two days, I read TONS articles explaining how to connect to a self-signed SSL-protected site. I also found this question in which I received the code, but I canβt let life determine me, which means using the default Android verification mechanism and how to implement it.
Can someone provide a piece of code that corrects or implements a connection to a REAL certificate?
Thanks!