Until now, i was connecting to a http
server which returns some data. Now, that server has changed and its https
. Now, when connecting to the new url I'm getting this exception:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
In iOS this problem does not exist and the new https url returns the data correctly without doing nothing and with the same old code which worked with the http
version of the server.
There is a way to avoid this problem without making changes at the source code like in iOS? This is only one of the various http connectiosn which i'm doing and which are being migrated to https on my app.
This is my code:
URLConnection connection;
URL url = new URL(configUrl);
connection = url.openConnection();
connection.setConnectTimeout(5000);
connection.setReadTimeout(5000);
int responseCode = ((HttpURLConnection)connection).getResponseCode();
Your server uses some certificate authority that is recognized by iOS and is not recognized by Android. There is little that you can do about this directly, other than complain to the server team.
If your
minSdkVersion
is 24 or higher, you can use network security configuration to teach Android about your certificate authority. This will not require any changes to Java code, but it will require setting up some resources and pointing to them in the manifest.If your
minSdkVersion
is 17 through 23, you can use my backport of network security configuration, though this will require some code changes.If your
minSdkVersion
is below 17, you will need to treat this situation more or less like a server using a self-signed certificate, and roll your ownTrustManager
.