英文:
Android: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found
问题
我正在使用自签名的私有 CA 证书。我已将该证书导入到我的 Android 设备中。我可以在 "设置" -> "安全" -> "受信任的凭据" -> "用户" 下看到它。
我能够访问一个使用由该 CA 签名的证书的网站。我可以看到绿色的挂锁。但是当我从我的 Android 应用程序向相同的 URL 发送 HTTPS 请求时,我收到 找不到证书路径的信任锚点 的错误。
我尝试为 HTTPS 调用使用自己的 SSL 上下文,我能够获得 200(成功)的响应。但我只能使用默认的 Android 信任存储。如果没有任何办法可行,那么我的最后选择将是使用自定义的 SSL 上下文。因此,我想要确定默认信任存储方式是否可行。
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
if (conn instanceof HttpsURLConnection && sslSocketFactory != null) {
((HttpsURLConnection) conn).setSSLSocketFactory(sslSocketFactory);
}
int responseCode = conn.getResponseCode();
任何进一步调试的想法都会有所帮助,因为我在这个问题上已经卡住了将近一个星期。
谢谢。
英文:
I'm using a private CA certificate that is self-signed. I've imported the certificate to my Android device. I'm able to see it under Settings -> Security -> Trusted Credentials -> User.
I'm able to reach a website that is using the certificate signed by the CA. And I'm able to see the green padlock. But when I make HTTPS calls to the same URL from my android application, I'm getting Trust anchor for certification path not found.
I tried having my own SSL context for the HTTPS call, and I'm able to get 200 (Success). But I'm only allowed to use the default android trust store. If nothing works, then my final option will be going with the custom SSL context. So, I want to know for sure whether the default trust store way will work or not.
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
if(conn instanceof HttpsURLConnection && sslSocketFactory != null){
((HttpsURLConnection) conn).setSSLSocketFactory(sslSocketFactory);
}
int responseCode = conn.getResponseCode();
Any ideas to debug further would be helpful because I'm stuck on this for almost a week now.
Thanks.
专注分享java语言的经验与见解,让所有开发者获益!
评论