Question

I'm trying to authenticate through Last.fm's API.

On Android 4.3 it works just by doing

HttpPost post = new HttpPost("https://ws.audioscrobbler.com/2.0/");
post.setEntity(new UrlEncodedFormEntity(params));

HttpClient client = new DefaultHttpClient();
HttpResponse response = client.execute(post);

but on 2.3.3 I get

javax.net.ssl.SSLPeerUnverifiedException: No peer certificate

Then I tried the solution given here:

HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;

DefaultHttpClient client = new DefaultHttpClient();

SchemeRegistry registry = new SchemeRegistry();
SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
registry.register(new Scheme("https", socketFactory, 443));
SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
DefaultHttpClient httpClient = new DefaultHttpClient(mgr, client.getParams());

// Set verifier     
HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);        

HttpPost post = new HttpPost("https://ws.audioscrobbler.com/2.0/");
post.setEntity(new UrlEncodedFormEntity(params));

HttpResponse response = httpClient.execute(post);

but I still get the same error.

Then I tried this:

HttpParams httpParams = new BasicHttpParams();
HttpProtocolParams.setVersion(httpParams, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(httpParams, HTTP.DEFAULT_CONTENT_CHARSET);
HttpProtocolParams.setUseExpectContinue(httpParams, true);

SchemeRegistry schReg = new SchemeRegistry();
schReg.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
schReg.register(new Scheme("https", SSLSocketFactory.getSocketFactory(), 443));
ClientConnectionManager conMgr = new ThreadSafeClientConnManager(httpParams, schReg);

DefaultHttpClient httpClient = new DefaultHttpClient(conMgr, httpParams);

HttpPost post = new HttpPost("https://ws.audioscrobbler.com/2.0/");
post.setEntity(new UrlEncodedFormEntity(params));

HttpResponse response = httpClient.execute(post);

and failed again.

Can anybody help?


Solution

There seems to be some problem with the way the certificates are returned from the server, or maybe the Android system keystore does not have the relevant root certs to validate and complete the handshake.

Looking at the certificate chain information for the site mentioned in the question, it seems to me that the chain is not correctly sorted.

You can try the answer here
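The answer above points to a certificate chain that the server sends in the wrong order. As an added example (not code from the original post or from the answer it links to), one way to cope with that without switching off verification is an X509TrustManager that reorders the chain and then hands it to the platform trust manager; the class name ChainSortingTrustManager is hypothetical.

```java
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.*;
import javax.net.ssl.*;

// Added example (hypothetical class): sorts the presented chain, then delegates validation.
public final class ChainSortingTrustManager implements X509TrustManager {
    private final X509TrustManager platform;

    public ChainSortingTrustManager() throws Exception {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init((KeyStore) null); // null selects the system trust store; trust anchors are unchanged
        X509TrustManager found = null;
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) { found = (X509TrustManager) tm; break; }
        }
        if (found == null) throw new IllegalStateException("no X509TrustManager available");
        platform = found;
    }

    // Returns the leaf first, each certificate followed by its issuer; unlinked extras are dropped.
    static X509Certificate[] sort(X509Certificate[] chain) {
        if (chain == null || chain.length < 2) return chain;
        List<X509Certificate> rest = new ArrayList<X509Certificate>(Arrays.asList(chain));
        List<X509Certificate> ordered = new ArrayList<X509Certificate>();
        X509Certificate current = rest.remove(0); // TLS requires the server's own certificate first
        ordered.add(current);
        for (int i = 0; i < rest.size(); i++) {
            if (rest.get(i).getSubjectX500Principal().equals(current.getIssuerX500Principal())) {
                current = rest.remove(i); // this certificate issued the previous one
                ordered.add(current);
                i = -1; // rescan what is left for the next issuer
            }
        }
        return ordered.toArray(new X509Certificate[ordered.size()]);
    }

    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        platform.checkServerTrusted(sort(chain), authType); // still throws for an untrusted chain
    }
    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        platform.checkClientTrusted(chain, authType);
    }
    @Override
    public X509Certificate[] getAcceptedIssuers() { return platform.getAcceptedIssuers(); }
}
```

It can be installed with `SSLContext.init(null, new TrustManager[] { new ChainSortingTrustManager() }, null)`. Hostname verification stays at its default, so unlike `ALLOW_ALL_HOSTNAME_VERIFIER` the connection is still checked against the requested host.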

Licensed under: CC-BY-SA with attribution