Android sdk manager not fetching other sdk platform

Question

I downloaded the SDK ADT bundle for windows, everything is working well but Android SDK Manager is showing error

Failed to fetch URL https://dl-ssl.google.com/android/repository/repository-7.xml, reason: SSLPeerUnverified peer not authenticated

As I want to install other android platform.

Answer 1

I've had the same issue with Ubuntu and OpenJDK and the workaround with "Force [...] http" worked for me, but i think that is from security perspective not the best solution, so i looked for another way to fix it:

The Problem is, that somehow the Google's Issuing CA certificate is missing in the Java Keystore, which is important for the SSL connection.

To solve the problem first download the Google's Issuing CA certificate from Googles Website https://pki.google.com Then open a Terminal and move to /etc/ssl/certs/java

cd /etc/ssl/certs/java/

In this location is the Java-keystore. The file is called "cacerts". Now you have to add the previously downloaded certificate to the keystore with this command

sudo keytool -import -alias googleCA -file /yourdownloadlocation/GIAG2.crt -keystore cacerts

If you hadn't changed the password before, the standard password for the keystore is "changeit". After you added the certificate, you should be able to use https to fetch the files.

Answer 2

On Linux, you can fix it with:

 ./android update sdk --no-ui -s

Also you will get tips with:

 ./android update sdk --help

inmyfree@INMYFREE:/usr/local/bin/android-sdk-linux/tools$ sudo ./android update sdk --help
Error: Flag '--help' is not valid for 'update sdk'.

       Usage:
       android [global options] update sdk [action options]
       Global options:
  -s --silent     : Silent mode, shows errors only.
  -v --verbose    : Verbose mode, shows errors, warnings and all messages.
     --clear-cache: Clear the SDK Manager repository manifest cache.
  -h --help       : Help on a specific command.

                     Action "update sdk":
  Updates the SDK by suggesting new platforms to install if available.
Options:
  -f --force     : Forces replacement of a package or its parts, even if
                   something has been modified.
  -n --dry-mode  : Simulates the update but does not download or install
                   anything.
     --proxy-host: HTTP/HTTPS proxy host (overrides settings if defined)
  -s --no-https  : Uses HTTP instead of HTTPS (the default) for downloads.
  -t --filter    : A filter that limits the update to the specified types of
                   packages in the form of a comma-separated list of
                   [platform, system-image, tool, platform-tool, doc, sample,
                   source]. This also accepts the identifiers returned by
                   'list sdk --extended'.
  -u --no-ui     : Updates from command-line (does not display the GUI)
     --proxy-port: HTTP/HTTPS proxy port (overrides settings if defined)
  -p --obsolete  : Deprecated. Please use --all instead.
  -a --all       : Includes all packages (such as obsolete and non-dependent
                   ones.)

Answer 3

I had the same problem today, installing the last JDK and setting de environment variables JAVA_HOME and JDK_HOME to C:\Program Files\Java\jdk1.8.0_92 (wich is the installation path of the last JDK) and changing the JDK segment of PATH solved the problem

Answer 4

This seems to be a problem on Ubuntu (perhaps other Debian-based distros) with the Java CACerts keystore. For some reason this does not always include the full list of entries.

To solve this, try the following:

• Delete the cacerts file

  sudo rm /etc/ssl/certs/java/cacerts

• Re-build the cacerts file using the dpkg postinstall script:

  sudo /var/lib/dpkg/info/ca-certificates-java.postinst configure

This should re-generate the cacerts file and the problem should be resolved.

Answer 5

Open the terminal and put this:

root@gl:/etc/ssl/certs/java# keytool -list -keystore cacerts
Enter keystore password: [your pass]

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 0 entries

Note: the default password for the keystore is “changeit”. Fix: To properly build the keystore with all trusted CA certificates, run this:

root@gl:~# rm /etc/ssl/certs/java/cacerts
root@gl:~# /var/lib/dpkg/info/ca-certificates-java.postinst configure

You should see a long list of added certificates (*.pem) and finally a “done”.Problem solved.

Found this here.

Answer 6

If you are on Mac osx and you still get error. Simply disable your proxy setting from System Preferences and just set proxy inside SDK Manager through one of the mentioned ways. Restart your SDK Manager and it will ask you for proxy credentials.

Answer 7

I'm an user from China. Force to use http doesn't work for me.

I set proxy in SDK Tool's option, which unexpectedly works!! Actually I have set proxy in Internet Options. This doesn't work alone.

So my solution for China users now is as following(Windows only, Mac users please try your own way):

1. Set proxy in Internet Options
2. Set proxy for Android SDK Manager. Tools--Options--Proxy setting.

---------------------------divider line for some complain-----------------------

All these things are so frustrating...

Answer 8

In Mac OS X, the solution is creating the file androidtool.cfg in our user .android folder and then add this line. Sure it is working also for Linux

sdkman.force.http=true

I hope that helps!

Answer 9

If the force http doesn't work (like in my case) try clearing or unchecking the Manifest Cache in the options menu. That resolved it for me

Answer 10

Try using "http" instead of "https". Go to the Android SDK Manager -> Tools -> Options... and check "Force https://... sources to be fetched using http://...".

Also, you can set your proxy settings, if any.