出现SSLHandshakeException：使用HttpURLConnetion采用Android 4.2.2异常证书 [英] SSLHandshakeException: Certificate Exception using HttpURLConnetion with Android 4.2.2

问题描述

我有一个奇怪的问题苦苦挣扎，而使用的 HttpURLConnection类作为Android中Web服务API调用。我得到异常的仅在以下的Andr​​oid 4.2.2版即可。它采用的是Android 4.0.3，4.3做工精细和4.4及以上。
我使用低于code服务API调用。

I am struggling with a strange issue, while using HttpURLConnection for webservice api call in Android. I am getting below exception ONLY with Android version 4.2.2. It is working fine in Android 4.0.3, 4.3 and 4.4 and above. I am using below code for service api call.

HttpURLConnection mConn = (HttpURLConnection)mUrl.openConnection();
mConn.addRequestProperty("Connection", "close");
mConn.setConnectTimeout(CONNECTION_TIMEOUT);
mConn.setReadTimeout(SOCKET_TIMEOUT);
mConn.setUseCaches(true);
mConn.setRequestMethod("POST");
String param = Utils.appendQueryParams(null,this.stringparams);
mConn.setDoInput(true);
mConn.setDoOutput(true);
mConn.setFixedLengthStreamingMode(param.getBytes().length);
mConn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
mConn.setRequestProperty("Accept", "application/json");
mConn.connect();
PrintWriter out = new PrintWriter(mConn.getOutputStream());
out.print(param);
out.close();

下面是个例外（仅适用于Android的SDK版本4.2.2）

Here is the Exception (ONLY in Android SDK version 4.2.2)

08-18 11:43:22.663  26427-26485/com.abc.xyz W/System.err﹕ javax.net.ssl.SSLHandshakeException: com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException: IssuerName(CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US) does not match SubjectName(CN=Go Daddy Root Certificate Authority - G2, OU=https://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US) of signing certificate.
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:381)
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ at libcore.net.http.HttpConnection.setupSecureSocket(HttpConnection.java:209)
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.makeSslConnection(HttpsURLConnectionImpl.java:478)
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:433)
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ at libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:290)
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ at libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:240)
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ at libcore.net.http.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:81)
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ at libcore.net.http.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:165)
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ at com.halomem.android.utils.ServiceCall.executeRequest(ServiceCall.java:86)
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ at com.halomem.android.impl.Session$1.run(Session.java:161)
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ Caused by: java.security.cert.CertificateException: com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException: IssuerName(CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US) does not match SubjectName(CN=Go Daddy Root Certificate Authority - G2, OU=https://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US) of signing certificate.
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:296)
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:197)
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:597)
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ at org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSL_do_handshake(Native Method)
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:378)
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ ... 9 more
08-18 11:43:22.833  26427-26485/com.abc.xyz W/System.err﹕ Caused by: com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException: IssuerName(CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US) does not match SubjectName(CN=Go Daddy Root Certificate Authority - G2, OU=https://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US) of signing certificate.
08-18 11:43:22.843  26427-26485/com.abc.xyz W/System.err﹕ at com.android.org.bouncycastle.jce.provider.RFC3280CertPathUtilities.processCertA(RFC3280CertPathUtilities.java:1525)
08-18 11:43:22.843  26427-26485/com.abc.xyz W/System.err﹕ at com.android.org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi.engineValidate(PKIXCertPathValidatorSpi.java:305)
08-18 11:43:22.843  26427-26485/com.abc.xyz W/System.err﹕ at com.sec.android.security.pkix.SecCertPathValidatorSpi.engineValidate(SecCertPathValidatorSpi.java:99)
08-18 11:43:22.843  26427-26485/com.abc.xyz W/System.err﹕ at java.security.cert.CertPathValidator.validate(CertPathValidator.java:190)
08-18 11:43:22.843  26427-26485/com.abc.xyz W/System.err﹕ at org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:283)
08-18 11:43:22.843  26427-26485/com.abc.xyz W/System.err﹕ ... 13 more

请在这方面的建议。

谢谢
人士Himanshu。

Thanks Himanshu.

推荐答案

好像证书的权限不在设备上的信任。结帐这篇文章：无法验证证书签名

Seems like authority of certificate is not trusted on your device. Checkout this post: Could not validate certificate signature?

这篇关于出现SSLHandshakeException：使用HttpURLConnetion采用Android 4.2.2异常证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！