Android Question java.security.cert.CertPathValidatorException and HU2_ACCEPTALL work around

D

davemorris

Active Member
Licensed User
Longtime User
Hi, Guys
Just had a problem with previously working relating to java.security.cert.CertPathValidatorException. Thankfully a fix was available in

ResponseError. Reason: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path...

Hi, I developed an applicaton and it was working fine. But last 10 days it's not working anymore I'm getting this error for old android devices ( s3mini 4.1.2 and Samsung Galaxy J2 Android 5.1 (SDK 22) ) ResponseError. Reason: javax.net.ssl.SSLHandshakeException...
www.b4x.com www.b4x.com

The work around added a compiler switch HU2_ACCEPTALL which appears to work. However, in other similar posts it suggests you contact your server provider to fix the problem. I assume they are talking about the TLS version, but I am not really sure and running the SSL report for the site suggests it will support TLS versions 1.0 to 1.2 but not v1.3.

I would like to remove this switch (and also allow older versions of my App to work) so what do I do or ask my service provider to change regarding our site.

Our server uses Let's Encrypt for the SSL/TLS certificate and is a Microsoft server running "plesk" if that helps

Very kind regards
Dave Morris
 
Sort by date Sort by votes
mcqueccu

mcqueccu

Well-Known Member
Licensed User
Longtime User
Another Scenario is there is no certificate.

I encounted that error 2 days ago when I was testing an app with Wamp (localhost). I use HU2_ACCEPTALL to fix the issue temporarily

I later investigated and realized I was using https in the url instead of http. So when I corrected it, the app worked fine without the Hu2_acceptall
 
Upvote 0
D

davemorris

Active Member
Licensed User
Longtime User
Hi, thanks for the help
Erel said:
There are several different types of errors. My guess is that the certificate is signed by a trusted authority not recognized by the device.
Click to expand...
Sorry what do you mean not recognized by the device, it occurs with all my Android 4, 5, 6 test phones but not Android 10 or any Apple iOS phones. I have check the site Cert (by clicking on the padlock) and it appears ok (also a new cert was issue on 20/1/22).
I am after some advice on how to approach the Service provider to fix this issue.

Regards
Dave
 
Upvote 0
D

davemorris

Active Member
Licensed User
Longtime User
Hi, Find something very interesting entitled
"Let's Encrypt faces compatibility issues with older Android devices"
www.ssldragon.com

Let’s Encrypt faces compatibility issues with older Android devices

Let's Encrypt faces compatibility issues with older Android devices and Java versions due to an expiring third-party root certificate.
www.ssldragon.com www.ssldragon.com
It appears to claim (after a quick read) that Android v7.1 devices, and below, will have problems with sites using Lets Encrypt certificates. They go on to say that the only currently workable solution is to "switch to another CA".

It will be interesting to see what Lets Encrypt do.
Regards
Dave
 
Upvote 0
You must log in or register to reply here.

Similar Threads

N
  • Question
Android Question Java vulnerabilities
Replies
4
Views
1K
hatzisn
hatzisn
rgarnett1955
  • Question
Android Question Interprocess Comms Using Local Host - Doesn't Work If I put socket dunctions in a class
Replies
2
Views
724
rgarnett1955
rgarnett1955
desof
  • Locked
  • Question
Android Question Java was updated and suddenly no longer compiles any project
Replies
5
Views
2K
Erel
Erel
F
  • Question
Android Question OkHttpUtils2 modification
Replies
2
Views
1K
FormCommander
F
B
  • Question
Android Question java.security.InvalidKeyException
Replies
1
Views
1K
Bob Spielen
B
Top