Samsung SM A550W HTTPS ExtCertPathValidatorException with wrong date

Question

My app runs on all devices and simulators Except Samsung SM-A500W. It just failed to update the database. The access to the database is through php scripts stored in a TLD secure domain (Access only through httpS). The failure is because it thinks the expiration date of the certificate is passed....not true. See LogCat.

10-25 11:07:18.381 25547-25617/uro2.tradersmicro.com.uro2 D/Uploadi16: Exception jb: com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException: Could not validate certificate: Certificate expired at Sat Feb 18 18:59:59 EST 2017 (compared to Thu Oct 25 11:07:18 EDT 2018) javax.net.ssl.SSLHandshakeException: com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException: Could not validate certificate: Certificate expired at Sat Feb 18 18:59:59 EST 2017 (compared to Thu Oct 25 11:07:18 EDT 2018)

BTW. One of the fragments of my app uses a WebView. The secure database access in this part is normal.

Is there a way to avoid this error?

Answer 1

I would suggest trying to update the device security provider using the Google Play Service:

https://developer.android.com/training/articles/security-gms-provider

import com.google.android.gms.security.ProviderInstaller;

// ....

try {
  ProviderInstaller.installIfNeeded(getContext());
} catch (GooglePlayServicesRepairableException e) {
  // TODO handle error
} 

Answer 2

The way I found to circumvent this problem is to copy the php scripts to a Non Secure Domain, and ensure that they get updated as the scripts are updated. At run time:- in the try...catch of the database access to change the domain to the insecure one. So far works like a charm. Of course the database access occurs in an Async task, it seems ok to call the method again, recursively from the catch code.