Yes I had, though it's not in my sample code. The verification that fails is not the hostname, but later when checking the certificate. And I didn't find a class such as "AllowAllSelfSignedCertificates".
2008/10/23 Sean Sullivan <[EMAIL PROTECTED]> > > > Have you tried using > org.apache.http.conn.ssl.AllowAllHostnameVerifier ? > > > http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/module-client/src/main/java/org/apache/http/conn/ssl/AllowAllHostnameVerifier.java?view=markup > > Sean > > > On Oct 17, 7:07 am, Guillaume Perrot <[EMAIL PROTECTED]> wrote: > > On android 1.0 I tried to connect to my https server which uses a self- > > signed certificate: > > Here is my code, which uses a custom hostname verifier: > > /* Create and initialize HTTP parameters */ > > HttpParams params = new BasicHttpParams(); > > ConnManagerParams.setMaxTotalConnections(params, 2); > > HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); > > > > /* Create and initialize scheme registry */ > > SchemeRegistry schemeRegistry = new SchemeRegistry(); > > schemeRegistry.register(new Scheme("http", PlainSocketFactory > > .getSocketFactory(), 80)); > > SSLSocketFactory sslSocketFactory = > > SSLSocketFactory.getSocketFactory(); > > sslSocketFactory.setHostnameVerifier(new X509HostnameVerifier() > > { > > @Override > > public boolean verify(String host, SSLSession session) > > { > > return true; > > } > > > > @Override > > public void verify(String host, SSLSocket ssl) throws > > IOException > > { > > /* Nothing to do */ > > } > > > > @Override > > public void verify(String host, X509Certificate cert) throws > > SSLException > > { > > /* Nothing to do */ > > } > > > > @Override > > public void verify(String host, String[] cns, String[] > > subjectAlts) > > throws SSLException > > { > > /* Nothing to do */ > > } > > }); > > schemeRegistry.register(new Scheme("https", sslSocketFactory, > > 443)); > > > > /* Allow multiple threads (two in our case) to access the HTTP > > client */ > > ClientConnectionManager cm = new > > ThreadSafeClientConnManager(params, > > schemeRegistry); > > mHttpClient = new DefaultHttpClient(cm, params); > > > > try > > { > > HttpGet ping = new HttpGet(mConnectionManagerURL); > > HttpResponse response = mHttpClient.execute(ping); > > HttpEntity entity = response.getEntity(); > > if (entity != null) > > entity.consumeContent(); > > } > > catch (IOException ioe) > > { > > ioe.printStackTrace(); > > shutdown(); > > throw ioe; > > } > > catch (Exception e) > > { > > e.printStackTrace(); > > shutdown(); > > throw new IOException(e.getMessage()); > > } > > > > I have the following exception in stack trace: > > > > 10-17 13:46:23.484: ERROR/ubikim-streams(783): > > javax.net.ssl.SSLException: Not trusted server certificate > > 10-17 13:46:23.554: ERROR/ubikim-streams(783): at > > > org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java: > > 353) > > 10-17 13:46:23.654: ERROR/ubikim-streams(783): at > > org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl > > $SSLInputStream.<init>(OpenSSLSocketImpl.java:491) > > 10-17 13:46:23.704: ERROR/ubikim-streams(783): at > > > org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java: > > 432) > > 10-17 13:46:23.784: ERROR/ubikim-streams(783): at > > org.apache.http.impl.io.SocketInputBuffer.<init>(SocketInputBuffer.java: > > 93) > > 10-17 13:46:23.844: ERROR/ubikim-streams(783): at > > > org.apache.http.impl.SocketHttpClientConnection.createSessionInputBuffer(SocketHttpClientConnection.java: > > 83) > > 10-17 13:46:23.894: ERROR/ubikim-streams(783): at > > > org.apache.http.impl.conn.DefaultClientConnection.createSessionInputBuffer(DefaultClientConnection.java: > > 170) > > 10-17 13:46:23.944: ERROR/ubikim-streams(783): at > > > org.apache.http.impl.SocketHttpClientConnection.bind(SocketHttpClientConnection.java: > > 106) > > 10-17 13:46:24.035: ERROR/ubikim-streams(783): at > > > org.apache.http.impl.conn.DefaultClientConnection.openCompleted(DefaultClientConnection.java: > > 129) > > 10-17 13:46:24.085: ERROR/ubikim-streams(783): at > > > org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java: > > 136) > > 10-17 13:46:24.135: ERROR/ubikim-streams(783): at > > org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java: > > 164) > > 10-17 13:46:24.185: ERROR/ubikim-streams(783): at > > > org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java: > > 119) > > 10-17 13:46:24.275: ERROR/ubikim-streams(783): at > > > org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java: > > 348) > > 10-17 13:46:24.325: ERROR/ubikim-streams(783): at > > > org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java: > > 555) > > 10-17 13:46:24.375: ERROR/ubikim-streams(783): at > > > org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java: > > 487) > > 10-17 13:46:24.425: ERROR/ubikim-streams(783): at > > > org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java: > > 465) > > 10-17 13:46:24.504: ERROR/ubikim-streams(783): at > > com.ubikod.smackx.bosh.BoshSession.<init>(BoshSession.java:105) > > 10-17 13:46:24.554: ERROR/ubikim-streams(783): at > > com.ubikod.smackx.bosh.BoshSocket.<init>(BoshSocket.java:15) > > 10-17 13:46:24.594: ERROR/ubikim-streams(783): at > > > com.ubikod.smackx.bosh.BoshSocketFactory.createSocket(BoshSocketFactory.java: > > 27) > > 10-17 13:46:24.644: ERROR/ubikim-streams(783): at > > > org.jivesoftware.smack.XMPPConnection.connectUsingConfiguration(XMPPConnection.java: > > 818) > > 10-17 13:46:24.734: ERROR/ubikim-streams(783): at > > org.jivesoftware.smack.XMPPConnection.connect(XMPPConnection.java: > > 1276) > > 10-17 13:46:24.774: ERROR/ubikim-streams(783): at > > com.ubikod.android.ubikim.service.UbikIMService > > $1.run(UbikIMService.java:476) > > 10-17 13:46:24.844: ERROR/ubikim-streams(783): Caused by: > > java.security.cert.CertificateException: > > java.security.cert.CertPathValidatorException: TrustAnchor for > > CertPath not found. > > 10-17 13:46:24.945: ERROR/ubikim-streams(783): at > > > org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java: > > 158) > > 10-17 13:46:25.005: ERROR/ubikim-streams(783): at > > > org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java: > > 349) > > 10-17 13:46:25.035: ERROR/ubikim-streams(783): ... 20 more > > 10-17 13:46:25.095: ERROR/ubikim-streams(783): Caused by: > > java.security.cert.CertPathValidatorException: TrustAnchor for > > CertPath not found. > > 10-17 13:46:25.205: ERROR/ubikim-streams(783): at > > > org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi.engineValidate(PKIXCertPathValidatorSpi.java: > > 144) > > 10-17 13:46:25.245: ERROR/ubikim-streams(783): at > > java.security.cert.CertPathValidator.validate(CertPathValidator.java: > > 153) > > 10-17 13:46:25.305: ERROR/ubikim-streams(783): at > > > org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java: > > 154) > > 10-17 13:46:25.335: ERROR/ubikim-streams(783): ... 21 more > > > > The code of my custom hostname verifier is called, but another check > > fails later and I didn't find a way to override this behavior. > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---
