java - "Trust anchor for certification path not found" in Android SSL Socket client -
java - "Trust anchor for certification path not found" in Android SSL Socket client -
i'm trying connect ssl server using android client app. server has jks certificate converted bks using portecle. server code simple:
public class echoserver { public static void main(string[] arstring) { seek { sslserversocketfactory sslserversocketfactory = (sslserversocketfactory) sslserversocketfactory.getdefault(); sslserversocket sslserversocket = (sslserversocket) sslserversocketfactory.createserversocket(25000); sslsocket sslsocket = (sslsocket) sslserversocket.accept(); inputstream inputstream = sslsocket.getinputstream(); inputstreamreader inputstreamreader = new inputstreamreader(inputstream); bufferedreader bufferedreader = new bufferedreader(inputstreamreader); string string = null; while ((string = bufferedreader.readline()) != null) { system.out.println(string); system.out.flush(); } } grab (exception exception) { exception.printstacktrace(); } } }
server works (i tested java client app using same certificate , showed no problem). now, converted jks server certificate in bks certificate using portecle, android unable connect server. android code looks like
inputstream certificato = getresources().openrawresource(r.raw.keystore); keystore truststore = null; seek { string tfmalgorithm=trustmanagerfactory.getdefaultalgorithm(); truststore = keystore.getinstance("bks"); truststore.load(certificato, "123456".tochararray()); trustmanagerfactory tmf=trustmanagerfactory.getinstance(tfmalgorithm); tmf.init(truststore); sslcontext slc=sslcontext.getinstance("ssl"); slc.init(null,tmf.gettrustmanagers(),new securerandom()); sslsocketfactory fs=slc.getsocketfactory(); socket socket = fs.createsocket("10.0.0.2", 25000); /*inputstream inputstream = socket.getinputstream(); inputstreamreader inputstreamreader = new inputstreamreader(inputstream); bufferedreader bufferedreader = new bufferedreader(inputstreamreader);*/ outputstream os = socket.getoutputstream(); outputstreamwriter osw = new outputstreamwriter(os); bufferedwriter bw = new bufferedwriter(osw); string sendmessage = "brova"; bw.write(sendmessage + "\n"); bw.flush(); system.out.println("message sent server : " + sendmessage); } grab (keystoreexception e) { e.printstacktrace(); } grab (certificateexception e) { e.printstacktrace(); } grab (nosuchalgorithmexception e) { e.printstacktrace(); } grab (ioexception e) { e.printstacktrace(); } grab (keymanagementexception e) { e.printstacktrace(); } homecoming "ok"; } it should work, because it's same code utilize on java pc client, raises exception stack:
10-31 00:05:09.068 9921-10142/com.example.furt.myapplication w/system.err﹕ javax.net.ssl.sslhandshakeexception: java.security.cert.certpathvalidatorexception: trust anchor certification path not found. 10-31 00:05:09.068 9921-10142/com.example.furt.myapplication w/system.err﹕ @ org.apache.harmony.xnet.provider.jsse.opensslsocketimpl.starthandshake(opensslsocketimpl.java:375) 10-31 00:05:09.068 9921-10142/com.example.furt.myapplication w/system.err﹕ @ org.apache.harmony.xnet.provider.jsse.opensslsocketimpl$ssloutputstream.<init>(opensslsocketimpl.java:669) 10-31 00:05:09.068 9921-10142/com.example.furt.myapplication w/system.err﹕ @ org.apache.harmony.xnet.provider.jsse.opensslsocketimpl.getoutputstream(opensslsocketimpl.java:606) 10-31 00:05:09.068 9921-10142/com.example.furt.myapplication w/system.err﹕ @ com.example.furt.myapplication.myactivity$richiestaserver.doinbackground(myactivity.java:235) 10-31 00:05:09.068 9921-10142/com.example.furt.myapplication w/system.err﹕ @ com.example.furt.myapplication.myactivity$richiestaserver.doinbackground(myactivity.java:166) 10-31 00:05:09.078 9921-10142/com.example.furt.myapplication w/system.err﹕ @ android.os.asynctask$2.call(asynctask.java:287) 10-31 00:05:09.078 9921-10142/com.example.furt.myapplication w/system.err﹕ @ java.util.concurrent.futuretask$sync.innerrun(futuretask.java:305) 10-31 00:05:09.078 9921-10142/com.example.furt.myapplication w/system.err﹕ @ java.util.concurrent.futuretask.run(futuretask.java:137) 10-31 00:05:09.078 9921-10142/com.example.furt.myapplication w/system.err﹕ @ android.os.asynctask$serialexecutor$1.run(asynctask.java:230) 10-31 00:05:09.078 9921-10142/com.example.furt.myapplication w/system.err﹕ @ java.util.concurrent.threadpoolexecutor.runworker(threadpoolexecutor.java:1076) 10-31 00:05:09.078 9921-10142/com.example.furt.myapplication w/system.err﹕ @ java.util.concurrent.threadpoolexecutor$worker.run(threadpoolexecutor.java:569) 10-31 00:05:09.078 9921-10142/com.example.furt.myapplication w/system.err﹕ @ java.lang.thread.run(thread.java:864) 10-31 00:05:09.078 9921-10142/com.example.furt.myapplication w/system.err﹕ caused by: java.security.cert.certificateexception: java.security.cert.certpathvalidatorexception: trust anchor certification path not found. 10-31 00:05:09.078 9921-10142/com.example.furt.myapplication w/system.err﹕ @ org.apache.harmony.xnet.provider.jsse.trustmanagerimpl.checktrusted(trustmanagerimpl.java:192) 10-31 00:05:09.078 9921-10142/com.example.furt.myapplication w/system.err﹕ @ org.apache.harmony.xnet.provider.jsse.trustmanagerimpl.checkservertrusted(trustmanagerimpl.java:163) 10-31 00:05:09.078 9921-10142/com.example.furt.myapplication w/system.err﹕ @ org.apache.harmony.xnet.provider.jsse.opensslsocketimpl.verifycertificatechain(opensslsocketimpl.java:574) 10-31 00:05:09.078 9921-10142/com.example.furt.myapplication w/system.err﹕ @ org.apache.harmony.xnet.provider.jsse.nativecrypto.ssl_do_handshake(native method) 10-31 00:05:09.078 9921-10142/com.example.furt.myapplication w/system.err﹕ @ org.apache.harmony.xnet.provider.jsse.opensslsocketimpl.starthandshake(opensslsocketimpl.java:372) 10-31 00:05:09.078 9921-10142/com.example.furt.myapplication w/system.err﹕ ... 11 more 10-31 00:05:09.078 9921-10142/com.example.furt.myapplication w/system.err﹕ caused by: java.security.cert.certpathvalidatorexception: trust anchor certification path not found. 10-31 00:05:09.078 9921-10142/com.example.furt.myapplication w/system.err﹕ ... 16 more 10-31 00:05:09.128 9921-9921/com.example.furt.myapplication d/memalloc﹕ ion: mapped buffer base:0x50f8b000 size:61440 offset:0 fd:80 10-31 00:05:09.128 9921-9921/com.example.furt.myapplication d/memalloc﹕ ion: mapped buffer base:0x4f274000 size:4096 offset:0 fd:82 10-31 00:05:11.088 9921-9921/com.example.furt.myapplication d/memalloc﹕ ion: unmapping buffer base:0x50f8b000 size:61440 10-31 00:05:11.088 9921-9921/com.example.furt.myapplication d/memalloc﹕ ion: unmapping buffer base:0x4f274000 size:4096 10-31 00:06:11.878 9921-9921/com.example.furt.myapplication i/inputmethodmanager﹕ startinput, mservedview=android.widget.edittext@417e4420, inputtype=0x81, pid=9921 can explain why? i've read around ŧhe "trust anchor certificate path not found" due missing trustmanager, code should refer trustmanagerfactory uses certificate. doing wrong? give thanks much in advance!
java android ssl
Comments
Post a Comment