CODEWITHSUNDEEP
androidsecuritysslhttps
Vasily G
Vasily G

Reputation: 476

Error in android application: javax.net.ssl.SSLPeerUnverifiedException: No peer certificate

Good day, may ask for advice. My code is worked properly, but one day for no apparent reason and without changes to the code on the server stopped working, displaying this error I have checked the decisions referred to by links, but none of them gave the desired result. Perhaps there was something in the SSL protocol?

Safely fixing: javax.net.ssl.SSLPeerUnverifiedException: No peer certificate

javax.net.ssl.sslpeerunverifiedexception no peer certificate

Android ssl: javax.net.ssl.SSLPeerUnverifiedException: No peer certificate

Trusting all certificates using HttpClient over HTTPS

class RequestTask extends AsyncTask<String, String, String> {

    @Override
    protected String doInBackground(String... params) {

        try {

            HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;

            DefaultHttpClient client = new DefaultHttpClient();

            SchemeRegistry registry = new SchemeRegistry();
            SSLSocketFactory socketFactory = SSLSocketFactory
                    .getSocketFactory();
            socketFactory
                    .setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
            registry.register(new Scheme("https", socketFactory, 443));
            SingleClientConnManager mgr = new SingleClientConnManager(
                    client.getParams(), registry);
            DefaultHttpClient httpClient = new DefaultHttpClient(mgr,
                    client.getParams());

            HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
            List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>();

            ResponseHandler<String> res = new BasicResponseHandler();

            HttpPost postMethod = new HttpPost("https://api.equalibra.net/banners.json");

            nameValuePairs.add(new BasicNameValuePair("lang", "rus"));
            postMethod.setEntity(new UrlEncodedFormEntity(nameValuePairs,
                    HTTP.UTF_8));

            String response = "";
            try {
                response = httpClient.execute(postMethod, res);
            } catch (Exception e) {
                Log.d("my", e.toString());
            }

            JSONURL(response);

        } catch (Exception e) {
        }
        return null;
    }

    @Override
    protected void onPostExecute(String result) {
        super.onPostExecute(result);
    }

    @Override
    protected void onPreExecute() {
        super.onPreExecute();
    }
}

Upvotes: 1

Views: 2409

Answers (2)

Vasily G
Vasily G

Reputation: 476

Indeed, the problem was that my Android SDK does not support SNI . It helped me:

Upvotes: 1

Steffen Ullrich
Steffen Ullrich

Reputation: 123260

The server requires use of SNI (server name indication). Connections not using SNI will simply fail instead of the usual case where they get a default certificate. Since this is a setting on the server side it might have changed recently so that it broke your code.

While SNI is available in newer versions of the Apache HTTP client library it is not available in the version shipped with the Android SDK, which you probably use.

Upvotes: 2

Related Questions