javax.net.ssl.sslpeerunverifiedexception no peer certificate

Question

I am trying to insert a record into MySQL by posting data to a PHP server from an Android app. I have added the INTERNET permission to AndroidManifest.xml

I get javax.net.ssl.SSLPeerUnverifiedException: No peer certificate

Android code

private void senddata(ArrayList<NameValuePair> data)
{
    try 
    {
        HttpClient httpclient = new DefaultHttpClient();
        HttpPost httppost = new HttpPost("https://10.0.2.2/insert222.php");
        httppost.setEntity(new UrlEncodedFormEntity(data));
        HttpResponse response = httpclient.execute(httppost);

    }
    catch (Exception e) {
        // TODO: handle exception
        Log.e("log_tag", "Error:  "+e.toString());
    }
}

Can anyone help?

Answer 1

I have to say all trusted certificates (trusted by authorized centres such as COMODO, Symantec, etc.) have to be work in any case. If your app recieves such javax.net.ssl.SSLPeerUnverifiedException: No peer certificate using bought certificate you give something wrong on server side. To test use openssl s_client -connect example.com:443 command to get inner information about certificate your app recieve. In may case my nginx-server sent wrong certificate in some cases.

Answer 2

I had this issue with an IIS 8 server. In the https binding, I had to uncheck the checkbox labeled "Require Server Name Indication." Once I unchecked it, I quit getting the error.

Answer 3

Warning: Do not implement this in production code you are ever going to use on a network you do not entirely trust. Especially anything going over the public internet. This link gives more correct answer. Here is an implementation using SSL.

Your problem is you are using DefaultHttpClient for https(secure url).
Create a custom DefaultHttpClient

public static HttpClient createHttpClient()
{
    HttpParams params = new BasicHttpParams();
    HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
    HttpProtocolParams.setContentCharset(params, HTTP.DEFAULT_CONTENT_CHARSET);
    HttpProtocolParams.setUseExpectContinue(params, true);

    SchemeRegistry schReg = new SchemeRegistry();
    schReg.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
    schReg.register(new Scheme("https", SSLSocketFactory.getSocketFactory(), 443));
    ClientConnectionManager conMgr = new ThreadSafeClientConnManager(params, schReg);

    return new DefaultHttpClient(conMgr, params);
}

Than change your code as follows:

        HttpClient httpclient = createHttpClient();
        HttpPost httppost = new HttpPost("https://10.0.2.2/insert222.php");
        httppost.setEntity(new UrlEncodedFormEntity(data));
        HttpResponse response = httpclient.execute(httppost);

Have a look at here if you have problems
It should work.