Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Could not validate certificate signature?

Tags:

I use the SSL Socket and Trustmanager from this side Self signed SSL

but i keep getting following error:

09-28 19:52:41.942: WARN/System.err(10101): javax.net.ssl.SSLHandshakeException: org.bouncycastle.jce.exception.ExtCertPathValidatorException: Could not validate certificate signature.

What is wrong? I already checked different posts on stackoverflow but i can`t seem to get it to work.

My code:

SchemeRegistry schemeRegistry = new SchemeRegistry();  // http scheme  schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));  // https scheme  schemeRegistry.register(new Scheme("https", new EasySSLSocketFactory(), 443)); params = new BasicHttpParams(); params.setParameter(ConnManagerPNames.MAX_TOTAL_CONNECTIONS, 1); params.setParameter(ConnManagerPNames.MAX_CONNECTIONS_PER_ROUTE, new ConnPerRouteBean(1)); params.setParameter(HttpProtocolParams.USE_EXPECT_CONTINUE, false); HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); HttpProtocolParams.setContentCharset(params, "utf8"); CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); credentialsProvider.setCredentials(new AuthScope("www.example.com", AuthScope.ANY_PORT),     new UsernamePasswordCredentials("user", "password")); clientConnectionManager = new ThreadSafeClientConnManager(params, schemeRegistry); context = new BasicHttpContext(); context.setAttribute("http.auth.credentials-provider", credentialsProvider);  DefaultHttpClient client = new DefaultHttpClient(clientConnectionManager, params);  HttpGet get = new HttpGet("https://www.example.com/web/restricted/form/formelement=512663"); HttpResponse response = client.execute(get, context);  Log.w("Response ","Status line : "+ response.toString()); 
like image 832
Lars Avatar asked Sep 28 '11 18:09

Lars


People also ask

What is timestamp invalid Airtel?

Displaying plans. Current plans Previous plans. You will be prompted with 'Invalid Time Stamp' error when the difference between the UTC timestamp generated by your server and ours is more than 30 seconds.


2 Answers

As Michael Levy mentioned, the reason I was getting this exception is that I had left my Android Emulator open for a few days and the clock had gotten pretty far out of sync. Once I restarted the emulator, the exception went away.

like image 119
Adam Johns Avatar answered Sep 28 '22 01:09

Adam Johns


Most probably server returned certificate chain with authorities you do not trust. (means: authority certificates are not known to your device as trusted) Solution: carefully examine certificates coming from HTTPS website, and add respective authorities to your truststore - but this part seems to be tricky

( here some explanations : http://groups.google.com/group/android-security-discuss/browse_thread/thread/0bf726de4f5275a3/391b900631d7f358 )

like image 40
Konstantin Pribluda Avatar answered Sep 27 '22 23:09

Konstantin Pribluda