CODEWITHSUNDEEP
javahttpsjava-memidp
manivannan
manivannan

Reputation: 622

J2ME Https connection not working

I am new to J2ME midlet. i created the midlet application for nokia. application works fine with http. but after changing the url from http to https it's not working. other https sites (like google) are working fine. but our server link is not working.i got the following exception java.io.IOException Native Error-5 . This is my sample code.

String url = "https://domain";
HttpsConnection hc = (HttpsConnection)Connector.open(url);
SecurityInfo si = hc.getSecurityInfo();
Certificate c = si.getServerCertificate();
String subject = c.getSubject();

Upvotes: 2

Views: 810

Answers (1)

Mixaz
Mixaz

Reputation: 4178

I remember Nokia phones report errors like that (errors from native code layer). It was not easy to find meaning for them. If it is a Symbian phone, you can try to check Symbian I/O error codes, from Symbian SDK doc (not Java as it absent there). The error codes are reported to J2ME with negative sign, as far as I remember. For your case I think that it happens because you use a self-signed SSL certificate on your server, and the device can't validate it against root authorities certificates installed on the device. This explains why you can access other HTTPS sites like google, which use proper certs on server.

Solution can be:

(1) to buy and install SSL cert from Twante or Verysign on your server. Some devices may not recognize Twante (they do not have appropriate root certs), some Verysign (it's unlikely, but few devices had such problem). Major part of J2ME devices should accept Twante certs, which are (were when I developed for J2ME some time ago) cheaper than Verysign

(2) install your root cert to device (possible on some devices, very few though). It's a bad solution for generic case, as you can't install cert in every device, each time user installs the app

(3) do not use SSL at all :)

(4) use HTTP but encrypt data yourself, there even are some J2ME crypto libs such as port of BouncyCastle http://en.wikipedia.org/wiki/Bouncy_Castle_(cryptography). But processing SSL in java code severely impacts performance. Acceptable for not big amount of data (texts, etc), but you may want to transfer images over regular HTTP w/o SSL

Upvotes: 1

Related Questions