I'm developing my first Xamarin.Forms App and have a backend API built using ASP.Net Core. I want all calls to the API to be via HTTPS so followed this guide for setting up HTTPS for development in ASP.NET Core. This, I believe, will let me use the IIS Express Development Certificate from within Visual Studio.
Up to this point I had been making all calls to the API from my Xamarin.Forms Android App via the emulator using HttpClient and the following http uri
http://10.0.2.2:44321/api/User
but now with SSL enabled for my API I need to make the call from the app using the following uri
https://10.0.2.2:44321/api/User
However, simply changing http to https gives the following error
{Javax.Net.Ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. ---> Java.Security.Cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. ---> Java.Security.Cert.CertPathValidatorException: Trust anchor for certification path not found.
--- End of inner exception stack trace ---
I presume this is because the the Xamarin.Forms App does not list the IIS Development Certifcate as being trusted, i.e., with Swagger (Swashbuckle) running from my API I can hit the endpoint with no problems; with postman running with SSL certificate verification turned off I can also hit the endpoint.
How can I setup a Xamarin.Forms App (specifically Android) to trust the IIS Development Certificate for development purposes?
Related
I developed a simple Android app using Expo SDK that communicates with my server via HTTPS (using Axios if it matters). I have bought the domain and use a LetsEncrypt certificate configurated in NGINX that has an A+ score in the Qualys SSL Test. The app works well with most of my clients except one that uses it under a network proxy that I don't have access to.
Every time the app tries to request the servers I get the error:
java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
Which according to this article https://developer.android.com/training/articles/security-ssl?hl=en-us can happen when "The CA that issued the server certificate was unknown", "The server certificate wasn't signed by a CA, but was self signed", "The server configuration is missing an intermediate CA" which is not the case since it works with every other client.
This client uses Android 8.1 and I've already checked in “Encryption & credentials” settings that "DST Root CA X3" (which is the anchor for LetsEncrypt) is listed as a trusted root certificate in the devices.
For test purposes, I also have developed a version of my app that does not use HTTPS and it works fine even under the proxy connection.
Am I missing something here? What else could be causing this problem? Any ideas on how to replicate it? Thank you!
I do know why but my app on Android 4.4 (HTC 626) couldn't connect to my site. The problem occurs and from the app using URLConnection and OkHttpClient and when I try to open a site in Chrome ("Connection is not private").
javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
Certificate issued by Sectigo. SSL Checker doesn't show problems with a certificate on the server. The problem does not occur on Android 9 (Samsung A50). I suppose to try another CA. Any ideas?
The problem was solved by replacing the Comodo (Sectigo) Positive SL with the Thawte SSL123. It is not advertising. Both certificates were installed by one specialist, so I do not think there was wrong nginx configuration.
We have an internal CA server.
We have an Android app that should communicate via https with our webserver, and have generated the required certificates. When we connect to the server through our app, it fails with the current stacktrace:
Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
But when we browse the server through Android Chrome it works, and we get a green keylock. We have uploaded the certificate on the android device under settings. So it's listed under User certificates.
My question is: Do I need to do anything codewise? I figured that the app would look at the certificates located on the phone, and use this. The way Chrome seems to do. But some guides tell me that I manually have make a keystore and supply this to the SSLFactory (Link to guide). But on other pages it seems that this should work out of the box...
Can anyone point me in the right direction?
I can't browse to my web application from visual studio while using a android emulator. I get an empty response error on the browser. When I browse to my local application from my computer, it works. I used the ip 10.0.2.2 on android emulator instead of localhost. Anybody can help me?
Check your console for any errors. I was having this issue and was seeing Failed to validate the certificate chain, error: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. because my locally issued certificate was invalid.
For development I overrode WebviewClient according to this answer and was able to get it working. Make sure to remove before releasing to production to prevent your application from being susceptible to man-in-the-middle attacks.
Hi all i am working on web services in android using ksaop2 library, i have done with http but when try over https then i got exception
javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
my wsdl file is asking username and password to open
Can you please help me how to call web service over ssl