Certificate is trusted by PC but not by Android -

-

since morning, certificate not trusted anymore on android , application cannot connect anymore: 

 catch exception while starthandshake: javax.net.ssl.sslhandshakeexception: java.security.cert.certpathvalidatorexception: trust anchor certification path not found.  return invalid session invalid cipher suite of ssl_null_with_null_null  javax.net.ssl.sslpeerunverifiedexception: no peer certificate     @ org.apache.harmony.xnet.provider.jsse.sslsessionimpl.getpeercertificates(sslsessionimpl.java:137)     @ org.apache.http.conn.ssl.abstractverifier.verify(abstractverifier.java:93)     @ org.apache.http.conn.ssl.sslsocketfactory.createsocket(sslsocketfactory.java:381)     @ org.apache.http.impl.conn.defaultclientconnectionoperator.openconnection(defaultclientconnectionoperator.java:165)     @ org.apache.http.impl.conn.abstractpoolentry.open(abstractpoolentry.java:164)     @ org.apache.http.impl.conn.abstractpooledconnadapter.open(abstractpooledconnadapter.java:119)     @ org.apache.http.impl.client.defaultrequestdirector.execute(defaultrequestdirector.java:360)     @ org.apache.http.impl.client.abstracthttpclient.execute(abstracthttpclient.java:591)     @ org.apache.http.impl.client.abstracthttpclient.execute(abstracthttpclient.java:807)     @ org.apache.http.impl.client.abstracthttpclient.execute(abstracthttpclient.java:781)     @ org.apache.http.impl.client.abstracthttpclient.execute(abstracthttpclient.java:770)

if try in google chrome (on pc) there's no problem , certificate trusted if try in chrome browser on android tells me certificate isn't trusted. can do?

you might missing intermediate certificate in cert file. if have visited website has same certificate seller, intermediate certificate remembered in browser. might not - or better - not case every visitor website. solve missing intermediate certificate in ssl connection, need add intermediate certificate own certificate file.

godaddy has info on intermediate certificates (but best source certificate provider): http://support.godaddy.com/help/article/868/what-is-an-intermediate-certificate

i once had issue of intermediate cert (with commodo too) , had combine own cert file intermediate ca's work. once done no errors occurred anymore.

installation instructions per webserver godaddy: http://support.godaddy.com/help/article/5346/installing-an-ssl-server-instructions?locale=en

and here list of common installation guides commodo themselves: https://support.comodo.com/index.php?/default/knowledgebase/article/view/1145/0/how-do-i-make-my-own-bundle-file-from-crt-files

depending on webserver using, you'll need specify certificates (domain certificate, intermediate , root) or combine them 1 (eg nginx) in order:

  1. domain certificate
  2. intermediate certificate
  3. root certificate

an easy way of doing in ssh terminal typing: 

cat domainfile intermediatefile rootfile > targetfile

certificate test tool

if encounter further problems or unsure whether certificate correct, please try online tool verify ssl certificate. instance: https://www.networking4all.com/en/support/tools/site+check/

sni support android 2.2 , lower

please note android 2.2 (and older) not support sni, allows multiple ssl certificates different hostnames work without issues on 1 single ip address. @technyquist providing information. please review this question sni more information on issue.


Comments

Post a Comment

Popular posts from this blog

c# - SVN Error : "svnadmin: E205000: Too many arguments" -

-
i trying reposotries using c# code process svncommand = null; var psi = new processstartinfo("svnadmin"); psi.redirectstandardoutput = true; psi.redirectstandarderror = true; psi.useshellexecute = false; psi.arguments= @"dump c:\repositories\myrepo > c:\temp\myrepodumpfile.dump"; using (svncommand = process.start(psi)) { var myoutput = svncommand.standardoutput; var myerror = svncommand.standarderror; debug.write("output :" + environment.newline + environment.newline + myoutput.readtoend() + environment.newline + "error :" + environment.newline + environment.newline + myerror.readtoend()); svncommand.close(); } when use dump command commandline svnadmin dump c:\repositories\myrepo > c:\temp\myrepodumpfile.dump it works fine when try ...
Read more

c# - Copy ObservableCollection to another ObservableCollection -

-
how copy observablecollection item observablecollection without reference of first collection? here observablecollection item value changes affecting both collections. code private observablecollection<ratemodel> _allmetalrate = new observablecollection<ratemodel>(); private observablecollection<ratemodel> _metalrateondate = new observablecollection<ratemodel>(); public observablecollection<ratemodel> allmetalrate { { return this._allmetalrate; } set { this._allmetalrate = value; notifypropertychanged("metalrate"); } } public observablecollection<ratemodel> metalrateondate { { return this._metalrateondate; } set { this._metalrateondate = value; notifypropertychanged("metalrateondate"); } } foreach (var item in metalrateondate) allmetalrate.add(item); what causing , how can solve it? you need clone object referenced item before it's a...
Read more

All overlapping substrings matching a java regex -

-
is there api method returns (possibly overlapping) substrings match regular expression? for example, have text string: string t = 04/31 412-555-1235; , , have pattern: pattern p = new pattern("\\d\\d+"); matches strings of 2 or more characters. the matches are: 04, 31, 412, 555, 1235. how overlapping matches? i want code return: 04, 31, 41, 412, 12, 55, 555, 55, 12, 123, 1235, 23, 235, 35. theoretically should possible -- there obvious o(n^2) algorithm enumerates , checks substrings against pattern. edit rather enumerating substrings, safer use region(int start, int end) method in matcher . checking pattern against separate, extracted substring might change result of match (e.g. if there non-capturing group or word boundary check @ start/end of pattern). edit 2 actually, it's unclear whether region() expect zero-width matches. specification vague, , experiments yield disappointing results. for example: string line = "xx90xx"; strin...
Read more