certificate ssl webservice keystore

by Peterman » Thu, 11 Dec 2008 19:56:59 GMT


Sponsored Links
 Hi to all

I have a problem whit the keystore that android gave us. I am
developing an application using the debug.keystore file that permit us
use maps of google (I generate the apikey, and I can see the maps
correctly). But now I have to call a webservice whit security (https)
and I have to add a certificate to my keystore (the keystore of debug
mode). I add my certificate wich permit me call to my webservice but
when I call it the emulator fails and give me the next error:

12-11 12:46:09.406: WARN/System.err(195): javax.net.ssl.SSLException:
Not trusted server certificate
12-11 12:46:09.416: WARN/System.err(195):     at
org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake
(OpenSSLSocketImpl.java:353)
12-11 12:46:09.426: WARN/System.err(195):     at
org.apache.harmony.luni.internal.net.www.protocol.http.HttpConnection.getSecureSocket
(HttpConnection.java:167)
12-11 12:46:09.426: WARN/System.err(195):     at
org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnection
$HttpsEngine.connect(HttpsURLConnection.java:398)
12-11 12:46:09.436: WARN/System.err(195):     at
org.apache.harmony.luni.internal.net.www.protocol.https.HttpsURLConnection.connect
(HttpsURLConnection.java:146)
12-11 12:46:09.446: WARN/System.err(195):     at
org.ksoap2.transport.ServiceConnectionSE.connect(Unknown Source)
12-11 12:46:09.446: WARN/System.err(195):     at
org.ksoap2.transport.HttpTransportSE.call(HttpTransportSE.java:87)
12-11 12:46:09.446: WARN/System.err(195):     at
android.assistive.ws.ProblemsWS.sendForm(ProblemsWS.java:160)
12-11 12:46:09.446: WARN/System.err(195):     at
android.assistive.monitorizacion.FormularioToxicidad.run
(FormularioToxicidad.java:123)
12-11 12:46:09.446: WARN/System.err(195):     at java.lang.Thread.run
(Thread.java:935)
12-11 12:46:09.486: WARN/System.err(195): Caused by:
java.security.cert.CertificateException:
java.security.cert.CertPathValidatorException: TrustAnchor for
CertPath not found.
12-11 12:46:09.496: WARN/System.err(195):     at
org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted
(TrustManagerImpl.java:158)
12-11 12:46:09.506: WARN/System.err(195):     at
org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake
(OpenSSLSocketImpl.java:349)
12-11 12:46:09.516: WARN/System.err(195):     ... 8 more
12-11 12:46:09.516: WARN/System.err(195): Caused by:
java.security.cert.CertPathValidatorException: TrustAnchor for
CertPath not found.
12-11 12:46:09.536: WARN/System.err(195):     at
org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi.engineValidate
(PKIXCertPathValidatorSpi.java:144)
12-11 12:46:09.546: WARN/System.err(195):     at
java.security.cert.CertPathValidator.validate(CertPathValidator.java:
153)
12-11 12:46:09.546: WARN/System.err(195):     at
org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted
(TrustManagerImpl.java:154)
12-11 12:46:09.556: WARN/System.err(195):     ... 9 more


Could I do this with the keystore that android give us? Is not
possible add a certificate to this keystore?
Somebody has the same problem?

thanks
--~--~---------~--~----~------------~-------~--~----~



certificate ssl webservice keystore

by Michael » Fri, 12 Dec 2008 01:00:54 GMT


 Yep, join the club.  Lots of us are complaining about the inability to
add certificates to the system keystore.

One way that people have been working around this (in apps like
k9mail, for example), is to use an application-specific keystore.

--~--~---------~--~----~------------~-------~--~----~


Sponsored Links


certificate ssl webservice keystore

by Michael » Fri, 19 Dec 2008 23:24:16 GMT


 I second the mention of using K9 as reference.  Check in the src/com/
fsck/k9/mail/store/ directory, specifically the ImapStore.java and
TrustManagerFactory.java files, among others.

Also note that this stuff isn't Android-specific, these are standard
java.* and javax.* libraries, and there's lots of examples on the 'net
about using them.
--~--~---------~--~----~------------~-------~--~----~



Other Threads

1. Security patterns/regimes in Androi

Can someone please point me toward any information on the security
patterns Android currently employs.


Thanks in advance
T.J.

2. Dynamically changing the language at runtime

This isn't really supported, though you can change the language of the
Configuration used by your Resources object.  This will only impact your own
app, though, not things displayed by others like your notifications (those
will still use the system's locale).

On Fri, Jan 23, 2009 at 10:39 PM, Raja Nagendra Kumar <









-- 
Dianne Hackborn
Android framework engineer
hack...@android.com

Note: please don't send private questions to me, as I don't have time to
provide private support.  All such questions should be posted on public
forums, where I and others can see and answer them.

--~--~---------~--~----~------------~-------~--~----~

3. Opening serial device for multiplexing

4. adding a custom class to the android source

5. Loading DEX files at runtime from SDCARD - Possible?

6. disabling screen lock

7. Is there way to keep the phone number as is before it hits the RIL layer?