Getting SSLHandShakeException

Question

While I am accessing the wsdl url I am getting the exception in android

javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException:          


        

Answer 1

The error is due to an issue in building trust with the server. Mostly your truststore does not have the certificates the server is submitting. Answers of following 2 questions may help you.

[1] - How Can I Access an SSL Connection Through Android?

[2] - Certificate is trusted by PC but not by Android

Answer 2

You shall have an authorized SSL certificate - That may solve the problem, and that is the best way solving the problem.

If not, you have to work a little bit:

The concept is that when using SSL, Android is little tougher than usual, and you shall have the certificate rights on your android, so for that, you shall have a basic keystore on your Android (like google store, but for free, and on your own Android), and make your own one trusted, by some basic manipulations.

1. Find your certificate on server, and export with private key (you shall have admin privileges). This can be done by running from start->run + certmgr.msc. Look for 'Trusted Root Certificate Authorities'. Found your certificate and do export (the keytool can load existing pfx certificate. on *.cer kind of certificate, there may be little problems.
2. You shall have a keytool. You can find explanation on http://keytool.sourceforge.net/ You can install, but I prefer the following recommandation: This is done through Help - Software Updates - Find and install - Search for new feature.... Click New Remote Site and add http://keytool.sourceforge.net/update in name and URL, and make sure its checked. Hit Finish.
3. Add a new keystore, and load your certificate (use pcs12 protocol, choose password you can remember).
4. The code need to be add is like : http://developer.android.com/training/articles/security-ssl.html#UnknownCa
5. You shall relate your connection. You use HttpTransportSE::ServiceConnection::setSSLSocketFactory like the sample. https://code.google.com/p/androidzon/source/browse/Androidzon/src/it/marco/ksoap2/HttpTransportSE.java?r=77 (Just create new function of your own, and connect it to the web service. If not working, remove ?wsdl)

Good luck!!!