Android: Users with certain devices cannot use my application's web-services - SSLPeerUnverifiedException

⇧

⇩

70 views

I have an application which interacts over https with a server I have. I have a valid certificate.

The application works fine for most users, but some users are reporting that they have problems connecting with their rooted devices. They are also reporting with the HTC Evo 2.3.3, with the upgrade from Sprint, the application has the same behavior.

I borrowed a friends' Evo, and was able to get the following stack-trace below. I have seen solutions for this which are basically 'accept all certs' but that is not possible since I am releasing this in production.

Has anyone seen a fix for this? Possibly storing my server's cert directly on the device?

06-24 15:15:52.051: WARN/ServiceOperation(1535): javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
06-24 15:15:52.051: WARN/ServiceOperation(1535):     at org.apache.harmony.xnet.provider.jsse.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:258)
06-24 15:15:52.051: WARN/ServiceOperation(1535):     at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:93)
06-24 15:15:52.051: WARN/ServiceOperation(1535):     at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:381)
06-24 15:15:52.051: WARN/ServiceOperation(1535):     at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:164)
06-24 15:15:52.051: WARN/ServiceOperation(1535):     at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
06-24 15:15:52.051: WARN/ServiceOperation(1535):     at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
06-24 15:15:52.051: WARN/ServiceOperation(1535):     at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:359)
06-24 15:15:52.051: WARN/ServiceOperation(1535):     at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
06-24 15:15:52.051: WARN/ServiceOperation(1535):     at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
06-24 15:15:52.051: WARN/ServiceOperation(1535):     at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)

java android https

asked June 24, 2011 5:48 pm CDT

willmel

posted via StackOverflow

0 Answers

Be the first to answer this question

Similar discussion threads

Questions on CouchDB security for Android Devices (and iOS)
April 14, 2011 04:45:29 PM
Hi, I just worked myself through a wiki article and blogposts regarding CouchDB's security (http://wiki.apache.org/couchdb/Security_Features_Overview). Now I am wondering how this is done in Android. The Android platforms security is relying on…

Android users wanted
January 31, 2011 03:16:00 AM
Guys, can somebody tell us, what the different Android versions return for the java.version and java.specification.version? - Jörg

Fwd: Android users wanted :)
February 4, 2011 08:03:19 AM
Got an user here which reports java.version returns "0" and java.specification.version returns "0.9" for all Andriod versions. ---------- Forwarded message

Android users wanted :)
January 27, 2011 02:55:40 AM
Guys, in the shed of LANG-624, can somebody tell us, what the different Android versions return for the java.version and java.specification.version? - Jörg

Testing Sharepoint 2010 web services with different users
December 14, 2010 12:27:58 PM
Hello, I would like to test web services hosted on a Sharepoint 2010 site with a few different users. How shall I configure JMeter to do so? Basics are ok for me, I've already created a Thread group and a WebService sampler, but I don't know how…

Created] (THRIFT-1146) Android Incompatibility : in Android < 2.3 java.io.IOException doesn't sup
April 16, 2011 04:57:14 AM
Android Incompatibility : in Android < 2.3 java.io.IOException doesn't support for Throwable parameter in constructor

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
April 15, 2011 11:09:39 AM
Hello All, I am getting below exception while connecting to an URL over SSL using httpclient 3 from our application running on WAS 6 and j2sdk 1.4. [4/15/11 11:16:15:103 EDT] 00000038 SystemErr R javax.net.ssl.SSLPeerUnverifiedException:…

Created: (HTTPCLIENT-1070) misleading javax.net.ssl.SSLPeerUnverifiedException thrown when cause is
March 10, 2011 04:40:30 PM
misleading javax.net.ssl.SSLPeerUnverifiedException thrown when cause is due to non SSL related IOException (e.g. java.net.SocketException: Connection reset)

JMS application's consumer(with msg selector) not getting messages
December 14, 2010 06:32:48 PM
My JMS java client creates one consumer with a message selector and works fine when receiving messages from WebSphere MQ. But seldom works when receiving from a queue on ActiveMQ 5.3.1 and 5.4.1. Most of the time I don't get any messages. I…

Accessing Standalone Application's Login Page on a Secured Database
June 24, 2010 11:28:10 AM
Hi Guys, Assume there is a secured CouchDB's database (has readers / admins / roles) which also equipped with a standalone application. The application has its own login page which can get user's credentials and issue cookie authentication. So how…

DO NOT REPLY New: Undeploy: files deleted before application's destroy() finishes
November 25, 2010 09:24:29 AM
https://issues.apache.org/bugzilla/show_bug.cgi?id=50338 Summary: Undeploy: files deleted before application's destroy() finishes Product: Tomcat 6 Version: 6.0.29 Platform: PC …

Re: Accessing Standalone Application's Login Page on a Secured Database
August 31, 2010 12:14:38 PM
Dear Chris, I've set *require_valid_user=true* and *authentication_redirect* is set to default by couchdb, but no redirection happens. A basic authentication pop up shows as before! I've tested once with * WWW-Authenticate* disabled and once set…

Re: Accessing Standalone Application's Login Page on a Secured Database
August 31, 2010 11:29:44 AM
Dear Chris, I've set require_valid_user=true and authentication_redirect is set to default by couchdb, but no redirection happens. A basic authentication pop up shows as before! I've tested once with WWW-Authenticatedisabled and once set to…

How I can get all available devices for one instance?
April 4, 2011 05:16:19 PM
I note one problem with image list of deltacloud api [1], doesn't have the platform information of image... any idea? Thanks, Felipe Cardoso Martins [1] http://incubator.apache.org/deltacloud/api.html#h4_3

MongoDB on small devices
May 17, 2011 11:50:55 AM
Greetings, I'm curious about how well MongoDB would scale *down* to be used in small devices such as mobile phones. It feels like the no-dependencies nature of it and the relative small size would be a good fit, and some proper tweaking of…

Removing dead hosts & devices
May 19, 2011 12:50:07 PM
We've removed some servers from our cluster, and so we have some dead devices and dead hosts. It's been a while (at least a month) since they've been removed, and mogstats reports that none of them have any files. Is it possible to remove these…

out of pty devices (not puppet not ruby issue)
February 4, 2011 09:18:43 AM
I have a puppet Exec that launches a python script I wrote, which uses pexpect (a Python Expect module), to run an interactive software installation... This is done in the post install script of kickstart (in chroot environment). the Exec fails…

Managing network devices in core
March 18, 2011 12:26:17 PM
Hi all, This is mostly to Brice, but I figure others are interested. We've been looking at what it will take to get the network device support prototype as implemented by Brice into core, along with the fact that we'll be producing the RC1 for…

Fixing monitoring of readonly devices
March 31, 2011 04:48:12 AM
Our volumes can be grown until min_free_space will be reached. We make sometimes these volumes readonly and mount filesystems as readonly too. This is because file systems like XFS have bad behavior (crashes) and write attempts on nearfull…

When adding devices using mogadm, do I have to manually create dev directories?
May 1, 2011 03:05:18 AM
I followed the instructions to create a test environment at http://code.google.com/p/mogilefs/wiki/InstallHowTo When doing mogadm --lib=/usr/local/share/perl/5.8.4 --trackers=192.168.42.1:7001 device add mogilestorage 1 Do I have to manually…

Questions and Answers are licensed under cc-wiki license.

Android: Users with certain devices cannot use my application's web-services - SSLPeerUnverifiedException

0 Answers

Be the first to answer this question

Join with account you already have