Trust all certificates? X509Certificate
I have following code which connects through HTTPS but i am getting following error during connection attempt.
WARN/System.err(9456): javax.net.ssl.SSLHandshakeException: org.bouncycastle.jce.exception.ExtCertPathValidatorException: Could not validate certificate signature.
How do i get this solved? Trust all certificates? how do i do that? It would be no issue as i only connect to the same server. FY i already implemented EasyX509TrustManager as a class in my app.
Thank you in advance.
try {
HttpClient client = new DefaultHttpClient();
// Setting up parameters
SchemeRegistry schemeRegistry = new SchemeRegistry();
// http scheme
schemeRegistry.register(new Scheme("http", PlainSocketFac开发者_如何学编程tory.getSocketFactory(), 80));
// https scheme
schemeRegistry.register(new Scheme("https", new EasySSLSocketFactory(), 443));
HttpParams params = new BasicHttpParams();
params.setParameter(ConnManagerPNames.MAX_TOTAL_CONNECTIONS, 30);
params.setParameter(ConnManagerPNames.MAX_CONNECTIONS_PER_ROUTE, new ConnPerRouteBean(30));
params.setParameter(HttpProtocolParams.USE_EXPECT_CONTINUE, false);
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
ClientConnectionManager cm = new ThreadSafeClientConnManager(params, schemeRegistry);
DefaultHttpClient httpClient = new DefaultHttpClient(cm, client.getParams());
// Example send HttpsPost request
final String url = "https://www.xxxx.com/web/restricted/form/formelement";
// Do the HTTPS Post
HttpPost httpPost = new HttpPost(url);
ArrayList<NameValuePair> postParameters;
postParameters = new ArrayList<NameValuePair>(2);
postParameters.add(new BasicNameValuePair("usr_name", username));
postParameters.add(new BasicNameValuePair("usr_password", password));
System.out.println(postParameters);
HttpResponse response = httpClient.execute(httpPost);
Log.w("Response ","Status line : "+ response.toString());
Hi Peter,
Thx for your answer, i followed your advise and the could not validate message is gone. However now i am getting the following message:
09-26 23:47:20.381: WARN/ResponseProcessCookies(10704): Cookie rejected: "BasicClientCookie[version=0,name=ObFormLoginCookie,domain=www.kpn.com,path=/web/restricted/form?formelement=512663,expiry=null]". Illegal path attribute "/web/restricted/form?formelement=512663". Path of origin: "/web/restricted/form/formelement=512663" 09-26 23:47:20.461: WARN/Response(10704): Status line : org.apache.http.message.BasicHttpResponse@407afb98
So something seems to be wrong in the headers?
Don't trust all certificates, that is a very, very bad idea. Create a keystore with your server's certificate, put in the app's raw assets, and load it into HttpClient's SSLSocketFactory. Then register this factory for https in the SchemeRegistry
.
You need to provide your own TrustManager
which trusts all certificates.
See this answer: HTTPS and self-signed certificate issue
精彩评论