CODEWITHSUNDEEP
androidhttpshostname
Adi
Adi

Reputation: 318

javax.net.ssl.SSLPeerUnverifiedException: Hostname 192.168.1.2 not verified

I'm currently learning Android. For an assignment I need to make an app which requests a json over https using a self-signed certificate and an xampp server.

I've created the certificate using apache's tool makecert, added to android and set it up so that it would recognize however I keep getting this annoying error

com.android.volley.NoConnectionError: javax.net.ssl.SSLPeerUnverifiedException: Hostname 192.168.1.2 not verified:
                                                                             certificate: sha1/g6vc6lpQuz/43pvUpMYogNNiU2o=
                                                                             DN: CN=192.168.1.2/*,OU=Adi,O=Adi,L=Oradea,ST=Bihor,C=RO
                                                                             subjectAltNames: []

I've managed to identify this bit of code

            private HostnameVerifier getHostnameVerifier() {
            return new HostnameVerifier() {
                @Override
                public boolean verify(String hostname, SSLSession session) {
                    //return true;
                    HostnameVerifier hv = HttpsURLConnection.getDefaultHostnameVerifier();
                    return hv.verify("192.168.1.2/*", session);
                }
            };
        }

but I am stumped as how to fix it. I've looked at the other threads here and the solution of setting this to always return true does work but is not really acceptable.

I also tried creating a certificate with the CN 192.168.1.2/* as I'm using multiple json files from xampps htdocs folder but still nothing

I've also tried creating a paired key using java keytool and exporting the file to a crt and key format but it caused apache to crash at startup

EDIT: One thing I've noticed is that no matter what CN I add in the certificate it always reads hostname as 192.168.1.2

Upvotes: 3

Views: 7457

Answers (1)

sagar
sagar

Reputation: 86

Check your certificate contains subjectAltName or not. If not, you have to attach your IP to subjectAltName in openssl.cnf file. Check this link for more info.

That example adds DNS as subjectAltName you can add your IP as 

subjectAltName = @alt_names
[alt_names]
IP.1 = 192.168.1.1
IP.2 = 192.168.1.2

Upvotes: 5

Related Questions