Hat jemand die folgende Ausnahme zu erfüllen.Android https CertPathValidatorException: TrustAnchor gefunden, aber Zertifikatsprüfung fehlgeschlagen
Es tritt zufällig auf. Nachdem es passiert ist, kann die https-Verbindung nicht mehr verwendet werden. Die gesamte Anwendung muss neu gestartet werden.
Das Szenario: Nach eingehender Spur des Codes, i das Szenario aktualisiert:
1. The application has 3 process in the same application.
2. The main ui process invoke https request in another thread.
3. The another 2 processes hold the 2 servcies. one service will also invoke https request in another thread.
4. When user logout, it will stop the 2 services.
3. When user login again, the main ui process invoke https request and then fail.
Der Code ist wie unten:
URL url = new URL(mUri);
urlConnection = (HttpsURLConnection) url.openConnection();
urlConnection.setRequestMethod(mMethod);
if (mMethod.equals(HttpPost.METHOD_NAME)) {
urlConnection.setDoOutput(true);
}
else {
urlConnection.setDoOutput(false);
}
urlConnection.setDoInput(true);
urlConnection.setUseCaches(false);
urlConnection.setChunkedStreamingMode(0);
...
if (!TextUtils.isEmpty(mJsonContent)) {
OutputStreamWriter wr = new OutputStreamWriter(urlConnection.getOutputStream());
wr.write(mJsonContent);
wr.close();
}
//Get Response
InputStream inputStream;
int statusCode;
statusCode = urlConnection.getResponseCode();
...
inputStream = urlConnection.getInputStream();
String bodyContent = convertStreamToString(inputStream);
inputStream.close();
if (urlConnection != null) {
urlConnection.disconnect();
}
Ich mag würde wissen, was die Wurzel sein kann Ursache. Momentan habe ich keine Ahnung, um diesen Fehler zu beheben. Die https-Verbindung wird in einem anderen Thread ausgeführt. Nachdem die Antwort erhalten wurde, wird sie zurück zum Hauptthread gepostet.
W/System.err(7158): javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: TrustAnchor found but certificate validation failed.
W/System.err(7158): at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:409)
W/System.err(7158): at com.android.okhttp.Connection.upgradeToTls(Connection.java:146)
W/System.err(7158): at com.android.okhttp.Connection.connect(Connection.java:107)
W/System.err(7158): at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:294)
W/System.err(7158): at com.android.okhttp.internal.http.HttpEngine.sendSocketRequest(HttpEngine.java:255)
W/System.err(7158): at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:206)
W/System.err(7158): at com.android.okhttp.internal.http.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:345)
W/System.err(7158): at com.android.okhttp.internal.http.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:89)
W/System.err(7158): at com.android.okhttp.internal.http.HttpURLConnectionImpl.getOutputStream(HttpURLConnectionImpl.java:197)
W/System.err(7158): at com.android.okhttp.internal.http.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:254)
W/System.err(7158): at com.xxxx.xxx.util.http.AsyncHttpsClient$AsyncRequest.run(AsyncHttpsClient.java:304)
W/System.err(7158): at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
W/System.err(7158): at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
W/System.err(7158): at java.lang.Thread.run(Thread.java:841)
W/System.err(7158): Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: TrustAnchor found but certificate validation failed.
W/System.err(7158): at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:308)
W/System.err(7158): at com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:202)
W/System.err(7158): at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:611)
W/System.err(7158): at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
W/System.err(7158): at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:405)
W/System.err(7158): ... 13 more
W/System.err(7158): Caused by: java.security.cert.CertPathValidatorException: TrustAnchor found but certificate validation failed.
W/System.err(7158): at com.android.org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi.engineValidate(PKIXCertPathValidatorSpi.java:122)
W/System.err(7158): at java.security.cert.CertPathValidator.validate(CertPathValidator.java:190)
W/System.err(7158): at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:295)
W/System.err(7158): ... 17 more
W/System.err(7158): Caused by: com.android.org.bouncycastle.jce.provider.AnnotatedException: TrustAnchor found but certificate validation failed.
W/System.err(7158): at com.android.org.bouncycastle.jce.provider.CertPathValidatorUtilities.findTrustAnchor(CertPathValidatorUtilities.java:235)
W/System.err(7158): at com.android.org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi.engineValidate(PKIXCertPathValidatorSpi.java:117)
W/System.err(7158): ... 19 more
W/System.err(7158): Caused by: java.security.NoSuchAlgorithmException: error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm
W/System.err(7158): at com.android.org.conscrypt.NativeCrypto.X509_verify(Native Method)
W/System.err(7158): at com.android.org.conscrypt.OpenSSLX509Certificate.verifyOpenSSL(OpenSSLX509Certificate.java:334)
W/System.err(7158): at com.android.org.conscrypt.OpenSSLX509Certificate.verify(OpenSSLX509Certificate.java:367)
W/System.err(7158): at com.android.org.bouncycastle.jce.provider.CertPathValidatorUtilities.verifyX509Certificate(CertPathValidatorUtilities.java:1427)
W/System.err(7158): at com.android.org.bouncycastle.jce.provider.CertPathValidatorUtilities.findTrustAnchor(CertPathValidatorUtilities.java:222)
W/System.err(7158): ... 20 more
Erfolgt das auf allen Geräten oder nur auf bestimmten Geräten oder Android-Versionen? – Robert
Es passiert derzeit auf Nexus 5 4.4.4 einfacher. –