Hi everybody.

I have a problem since " a long time "
I try to connect my application to a WebServer with HTTPS.
but I have a problem, because the server has a self-sign certificate.
So my application don't want the no-trusted certificate.

How can I accept a non-trusted certificate?

Thanks

no body has a solution to do that?

please help.

no response...
that's because no body know??

I read some method (2 of this topics ar french, sorry):
http://www.developpez.net/forums/d24645 ... via-proxy/
http://www.exampledepot.com/egs/javax.n ... stAll.html
http://forum.hardware.fr/hfr/Programmat ... 1784_1.htm

I tryed the first and second solution an that's crash my application.
the third is not a source method, so i'm not interested, but that can help somebody.


More information: to connect to internet, i use apache librairies

Java handles certificate chains by looking into the JKS. At least when using the core classes (and if using Java 1.4 with the JSSE add-on). I don't know what the Apache API uses under the hood, but for a good understanding of JKS and how trust chains work read this:
http://publib.boulder.ibm.com/infocente ... vajsse.htm

Note that any server cert (self signed or not) is valid for SSL communication as long as YOU as a connecting client trusts it.

I put a trustore in the phone, and now i have a new Exception : Wrong version of the Key Store
How can i fix it?
Somebody know,

My source:

KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
FileInputStream in = new FileInputStream(new File("data/data/com.alu.myic.android/my.trustore"));
try {

trustStore.load(in, "coucou".toCharArray());
/* Enumeration enumKey = trustStore.aliases();
for(;enumKey.hasMoreElements();)
{
String alias = (String)enumKey.nextElement();
boolean isPrivateKey = trustStore.isKeyEntry(alias);
boolean isTrustedCertificate = trustStore.isCertificateEntry(alias);
Log.v("Alias: " + alias + "-key: " + isPrivateKey + "-trusted: " + isTrustedCertificate, "" );
}*/
} finally {
in.close();
}

SSLSocketFactory socketFactory = new SSLSocketFactory(trustStore);
javax.net.ssl.SSLContext sslContext = null;
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("https", socketFactory, 443));


Regards,

Steph

I haven't done any research about it so the only thing that comes to mind is that you create the keyStore using the java tools under for ex. Java 1.6.
Then you moved the keyStore to the emulator/phone which runs under a different JRE, example 1.5.

Android hasn't JRE... It has specially environnement name DALVIK....
But i do like the other source i see on the net.

Maybe that's this lign which is false : KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
Because when i change it, i have a different exception

thanks to think about my problem