So I've been stuck on this for a while. The call worked and then it didn't after a week. Makes me wonder whats going on. I got the certificate (also tried the chain, from the site - PEM format) but this error persists.
Below is my code
public static HttpsURLConnection setUpHttpsConnection(String urlString, Context ctx)
{
try
{
CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream caInput = new BufferedInputStream(ctx.getAssets().open("servercert.pem"));
Certificate ca = cf.generateCertificate(caInput);
System.out.println("ca=" + ((X509Certificate) ca).getSubjectDN());
// Create a KeyStore containing our trusted CAs
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
keyStore.setCertificateEntry("ca", ca);
// Create a TrustManager that trusts the CAs in our KeyStore
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
// Create a TrustManager that trusts the CAs in our KeyStore
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
// Create an SSLContext that uses our TrustManager
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
// Tell the URLConnection to use a SocketFactory from our SSLContext
URL url = new URL(urlString);
URLEncoder.encode(url.toString(), "UTF-8");
HttpsURLConnection urlConnection = (HttpsURLConnection)url.openConnection();
urlConnection.setSSLSocketFactory(context.getSocketFactory());
return urlConnection;
}
catch (Exception ex)
{
Log.e(TAG, "Failed to establish SSL connection to server: " + ex.toString());
return null;
}
}
and in a task called from MainActivity, I have
HttpsURLConnection myConnection = setUpHttpsConnection(endpoint.toString(), ctx);
//end point is - www.alphavantage.co/query?function=GLOBAL_QUOTE&symbol=NVDA&datatype=json&apikey=U89XCI9ILUCICTP1
//fails on the line below
if (myConnection.getResponseCode() == 200) {
InputStream responseBody = myConnection.getInputStream();
It fails on if (myConnection.getResponseCode() == 200) {
with the stacktrace
W/System.err: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. W/System.err: at com.android.org.conscrypt.SSLUtils.toSSLHandshakeException(SSLUtils.java:362) W/System.err: at com.android.org.conscrypt.ConscryptEngine.convertException(ConscryptEngine.java:1134) W/System.err: at com.android.org.conscrypt.ConscryptEngine.readPlaintextData(ConscryptEngine.java:1089) W/System.err: at com.android.org.conscrypt.ConscryptEngine.unwrap(ConscryptEngine.java:876) W/System.err: at com.android.org.conscrypt.ConscryptEngine.unwrap(ConscryptEngine.java:747) W/System.err: at com.android.org.conscrypt.ConscryptEngine.unwrap(ConscryptEngine.java:712) W/System.err: at com.android.org.conscrypt.ConscryptEngineSocket$SSLInputStream.processDataFromSocket(ConscryptEngineSocket.java:849) W/System.err: at com.android.org.conscrypt.ConscryptEngineSocket$SSLInputStream.access$100(ConscryptEngineSocket.java:722) W/System.err: at com.android.org.conscrypt.ConscryptEngineSocket.doHandshake(ConscryptEngineSocket.java:238)
I have set the networkconfig.xml to point to the certificate and also set up the manifest file.
Thanks
Keep getting the same error.