
I'm trying to authenticate through's API.

On Android 4.3 it works just by doing

HttpPost post = new HttpPost("");
post.setEntity(new UrlEncodedFormEntity(params));

HttpClient client = new DefaultHttpClient();
HttpResponse response = client.execute(post);

but on 2.3.3 I get No peer certificate

Then I tried the solution given here:

HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;

DefaultHttpClient client = new DefaultHttpClient();

SchemeRegistry registry = new SchemeRegistry();
SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
registry.register(new Scheme("https", socketFactory, 443));
SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
DefaultHttpClient httpClient = new DefaultHttpClient(mgr, client.getParams());

// Set verifier     

HttpPost post = new HttpPost("");
post.setEntity(new UrlEncodedFormEntity(params));

HttpResponse response = httpClient.execute(post);

but I still get the same error.

Then I tried that:

HttpParams httpParams = new BasicHttpParams();
HttpProtocolParams.setVersion(httpParams, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(httpParams, HTTP.DEFAULT_CONTENT_CHARSET);
HttpProtocolParams.setUseExpectContinue(httpParams, true);

SchemeRegistry schReg = new SchemeRegistry();
schReg.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
schReg.register(new Scheme("https", SSLSocketFactory.getSocketFactory(), 443));
ClientConnectionManager conMgr = new ThreadSafeClientConnManager(httpParams, schReg);

DefaultHttpClient httpClient = new DefaultHttpClient(conMgr, httpParams);

HttpPost post = new HttpPost("");
post.setEntity(new UrlEncodedFormEntity(params));

HttpResponse response = httpClient.execute(post);

and failed again.

Anybody can help?

Était-ce utile?

La solution

There seems to be some problem with the way the certificates are returned from the server OR may be android system keystore does not have the relevant root certs to validate and complete the handshake.

Looking at the certificate chain information for the site mentioned in the question, it seems to me that the chain is not correctly sorted.

You can try the answer here

Licencié sous: CC-BY-SA avec attribution
Non affilié à StackOverflow
scroll top