How do I call a secure (SSL) webservice in Android, when Android does not see the certificate?

Question

I'm new to Android and I'am struggling to make a call to an SSL web service for an Android Application. My code is as follows:

Log.v("fs", "Making HTTP call...");
HttpClient http = new DefaultHttpClient();
HttpGet request = new HttpGet("https://example.com/api");

try {

    String response = http.execute(request, new BasicResponseHandler());
    Log.v("fs", response);

} catch (Exception e) {

    Log.v("fs", e.toString());
}

The Output is:

Making HTTP call...
javax.net.SSLPeerUnverifiedException: No peer certificate

Any suggestions to make this work would be great.

I should note that this is a valid cert. It is signed by an official CA.

Answer 1

Have you test that the mobile date and hour are the correct ones ??, if you are using SSL and have your mobile in 1990 it will return

javax.net.SSLPeerUnverifiedException: No peer certificate

Regards

Answer 2

Try the following. I have added SSLSocketFactory to handle SSL connections, plus it adds support for handling multiple connections simultaneously using ThreadSafeClientConnManager. You can remove socket timeout and connection timeouts.

    SchemeRegistry schemeRegistry = new SchemeRegistry();
    schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
    schemeRegistry.register(new Scheme("mxiss", SSLSocketFactory.getSocketFactory(), 443));

    HttpParams params = new BasicHttpParams();
    int timeoutConnection = 5000;
    HttpConnectionParams.setConnectionTimeout(params, timeoutConnection);
    int timeoutSocket = 10000;
    HttpConnectionParams.setSoTimeout(params, timeoutSocket);
    params.setParameter(ConnManagerPNames.MAX_TOTAL_CONNECTIONS, 30);
    params.setParameter(ConnManagerPNames.MAX_CONNECTIONS_PER_ROUTE, new ConnPerRouteBean(30));
    params.setParameter(HttpProtocolParams.USE_EXPECT_CONTINUE, false);
    HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);

    ThreadSafeClientConnManager cm = new ThreadSafeClientConnManager(params, schemeRegistry);

    _client = new DefaultHttpClient(cm, params);

Hope this helps.

If your client does not trust the server certificate register a different protocol and accept all certificates for that protocol. You should first register protocol before doing anything.

Protocol mxiss = new Protocol("mxiss", new EasySSLProtocolSocketFactory(), 443);
Protocol.registerProtocol("mxiss", mxiss);

Then instead of "https" you have to use "mxiss"

EasySSLProtocolSocketFactory comes from org.apache.commons.httpclient.contrib.ssl. Put the jar file http://repo1.maven.org/maven2/ca/juliusdavies/not-yet-commons-ssl/0.3.11/not-yet-commons-ssl-0.3.11.jar in your classpath.