android I/O error: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found

Question

I'm trying to use Spring to get some information from our server dev

i'm getting this error I/O error: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

I search a lot, i tried to use a CustomSimpleClientHttpRequestFactory and a custom HostnameVerifier

so i have something like this:

     protected void prepareConnection(HttpURLConnection connection,
        String httpMethod) throws IOException {

    connection.setFollowRedirects(true);

    HostnameVerifier v = new NullHostnameVerifier();
    ((HttpsURLConnection) connection).setDefaultHostnameVerifier(v);
      ((HttpsURLConnection) connection).setHostnameVerifier(v);



    super.prepareConnection(connection, httpMethod);
 }

and

 public class NullHostnameVerifier implements HostnameVerifier {
   public boolean verify(String hostname, SSLSession session) {
          return true;
       }
    }

i verify the program enter here: prepareConnection but he never enter in function verify of NullHostnameVerifier.

Log error:

javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

06-08 17:01:53.149: E/AndroidRuntime(32118):    at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:409)
06-08 17:01:53.149: E/AndroidRuntime(32118):    at com.android.okhttp.Connection.upgradeToTls(Connection.java:146)
06-08 17:01:53.149: E/AndroidRuntime(32118):    at com.android.okhttp.Connection.connect(Connection.java:107)
06-08 17:01:53.149: E/AndroidRuntime(32118):    at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:294)
06-08 17:01:53.149: E/AndroidRuntime(32118):    at com.android.okhttp.internal.http.HttpEngine.sendSocketRequest(HttpEngine.java:255)
06-08 17:01:53.149: E/AndroidRuntime(32118):    at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:206)
06-08 17:01:53.149: E/AndroidRuntime(32118):    at com.android.okhttp.internal.http.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:345)
06-08 17:01:53.149: E/AndroidRuntime(32118):    at com.android.okhttp.internal.http.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:89)
06-08 17:01:53.149: E/AndroidRuntime(32118):    at com.android.okhttp.internal.http.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:161)
06-08 17:01:53.149: E/AndroidRuntime(32118):    at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:72)
06-08 17:01:53.149: E/AndroidRuntime(32118):    at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:46)
06-08 17:01:53.149: E/AndroidRuntime(32118):    at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:63)
06-08 17:01:53.149: E/AndroidRuntime(32118):    at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:476)

Anyone know what is the problem and why i'm still getting this error please ?

Answer 1

I resolve the problem like this :

           ClientHttpRequestFactory HttpComponentsClientHttpRequestFactory = new   

      org.springframework.http.client.HttpComponentsClientHttpRequestFactory(getNewHttpC
  lient()) ;
       restTemplate.setRequestFactory(HttpComponentsClientHttpRequestFactory);


public HttpClient getNewHttpClient() {
    try {
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(null, null);

        MySSLSocketFactory sf = new MySSLSocketFactory(trustStore);
        sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

        HttpParams params = new BasicHttpParams();
        HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
        HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);

        SchemeRegistry registry = new SchemeRegistry();
        registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
        registry.register(new Scheme("https", sf, 443));

        ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);

        return new DefaultHttpClient(ccm, params);
    } catch (Exception e) {
        return new DefaultHttpClient();
    }
}

and

 import org.apache.http.conn.ssl.SSLSocketFactory;
public class MySSLSocketFactory extends SSLSocketFactory {
    SSLContext sslContext = SSLContext.getInstance("TLS");

    public MySSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(truststore);

        TrustManager tm = new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            }

            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            }

            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };

        sslContext.init(null, new TrustManager[] { tm }, null);
    }

    @Override
    public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException {
        return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose);
    }

    @Override
    public Socket createSocket() throws IOException {
        return sslContext.getSocketFactory().createSocket();
    }
 }