Android Question java.security.cert.CertPathValidatorException and HU2_ACCEPTALL work around

davemorris

Active Member
Licensed User
Hi, Guys
Just had a problem with previously working relating to java.security.cert.CertPathValidatorException. Thankfully a fix was available in

The work around added a compiler switch HU2_ACCEPTALL which appears to work. However, in other similar posts it suggests you contact your server provider to fix the problem. I assume they are talking about the TLS version, but I am not really sure and running the SSL report for the site suggests it will support TLS versions 1.0 to 1.2 but not v1.3.

I would like to remove this switch (and also allow older versions of my App to work) so what do I do or ask my service provider to change regarding our site.

Our server uses Let's Encrypt for the SSL/TLS certificate and is a Microsoft server running "plesk" if that helps

Very kind regards
Dave Morris
 

mcqueccu

Well-Known Member
Licensed User
Another Scenario is there is no certificate.

I encounted that error 2 days ago when I was testing an app with Wamp (localhost). I use HU2_ACCEPTALL to fix the issue temporarily

I later investigated and realized I was using https in the url instead of http. So when I corrected it, the app worked fine without the Hu2_acceptall
 
Upvote 0

davemorris

Active Member
Licensed User
Hi, thanks for the help
There are several different types of errors. My guess is that the certificate is signed by a trusted authority not recognized by the device.
Sorry what do you mean not recognized by the device, it occurs with all my Android 4, 5, 6 test phones but not Android 10 or any Apple iOS phones. I have check the site Cert (by clicking on the padlock) and it appears ok (also a new cert was issue on 20/1/22).
I am after some advice on how to approach the Service provider to fix this issue.

Regards
Dave
 
Upvote 0

davemorris

Active Member
Licensed User
Hi, Find something very interesting entitled
"Let's Encrypt faces compatibility issues with older Android devices"
It appears to claim (after a quick read) that Android v7.1 devices, and below, will have problems with sites using Lets Encrypt certificates. They go on to say that the only currently workable solution is to "switch to another CA".

It will be interesting to see what Lets Encrypt do.
Regards
Dave
 
Upvote 0
Top