I migrated my server to another host company. All of my apps running android version < 6.0 are now failing to do HTTPS requests, but the problem doesn't apply to newer versions. Here is my error log.
Problem solved, it occured an error in the migration where the machine hosting my services already had a SSL certificate, that certificate wasn't trusted and was running in conflit with mine, causing errors in the older android versions.
Related
WebAPI (built with .Net) is hosted on a server and called from iOS and Android apps using HTTPS. No changes has been made in certificates or otherwise. iOS app works fine, web app using the same api works fine but since this morning all Android apps (running on Android version 5x or less only) using the API has stared crashing with this error.
android.runtime.JavaProxyThrowable: System.AggregateException: One or more errors occurred. ---> System.Net.WebException: Error: TrustFailure (The authentication or decryption has failed.) ---> System.IO.IOException: The authentication or decryption has failed. ---> System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server.
Checked certificates, certificate chain, everything. No issues. If the certificate is invalid, no other apps should be working and why all of a sudden. Can someone point to where to look. I searched this site and found a few threads but their solutions require changes in Android app code. That can't be done (and deployed) so quickly. Why all of a sudden, if someone can throw some light on it. Even nothing has been updated in our test Android devices.
Tested the server through ssllab and handshakes come on Android simulations:
Solved and the app on those older Android versions works now. I had to disable COMODO root certificate COMODO RSA Certification Authority with SHA1 key afe5d244a8d1194230ff479fe2f897bbcd7a8cb4 in certificate manager everywhere it was. Apparently windows update added this and it was somehow conflicting and making an intermediate certificate not being sent from the server (in the second certificate chain, the first chain was ok). Normally if an intermediate certificate is not sent, clients download it from the issuer but Android mono framework apparently doesn't do that.
Thank you Adm Selec https://community.qualys.com/thread/15295 for the solution.
I am calling https webservice and its works fine in all other versions of Android, but now, when i am trying to call it with Android 7.0 Nougat, it gives me following error.
Error : javax.net.ssl.SSLHandshakeException: Connection closed by peer
I already tried with HttpClient and HttpsURLConnection, but i got the same error.
I used Security with HTTPS and SSL provided by google, but got the same error in Android 7.0 Nougat
By default, secure connections (using protocols like TLS and HTTPS) from all apps trust the pre-installed system CAs, and apps targeting Android 6.0 (API level 23) and lower also trust the user-added CA store by default.
Which means that on Nougat, you actually need to specify a certificate to trust into your Android project. You can add your certificate in a configuration file, as described here:
https://developer.android.com/training/articles/security-config.html
I devloped an android app on 2.2. I used the Soap webservices in my app through https.
I used ssl certification to access those services. It works fine in version 2.2, but now my client want it on 2.1. So I changed the version and min sdk levels but when I run the app in 2.1 it gives me SSl socket exception. Now in my root folder of project it is showing 2.1 version. Could any one help me out?
There is a change in android OS 2.1 to 2.2 that has to do with SSL certificates. But cannot find the url right now.
In order to avoid that you could catch the exception and on SSLException you could reconnect the server with a non-secure connection. Keeping a sharedpreference in case of exception for future use of non-secure connections will avoid double connections all the time.
It not so elegant or secure way but it works for me.
I recently noticed that an application I'm building fails to load properly on Android 2.2 due to an SSL certificate warning:
But it works just fine on Android 2.3. I didn't try any other versions yet. Any ideas what might be going on?
My current hypothesis is that Android 2.2's browser do not load intermediate certificates, can anybody confirm or deny that?
I'm using the BouncyCastle provider and Apache HttpClient to trust an SSL certificate, as described by Antoine Hauck here.
The app I've made targets Android 1.5, and works fine on the emulator and a device running 3.0. However, when I try to test it on 2.2 (Galaxy S), an SSLException, "Not trusted Server Certificate", occurs.
Since there's no errors complaining about BouncyCastle itself, I'm assuming the device is not reading the certificates properly from the .bks file. Is what I'm attempting possible using BouncyCastle on Android version 2.2, or does something just need to be altered from the working 3.0 app?
Update
When I tried to run the app again today, it worked correctly the first time. I've tried it several times now, and it sometimes runs properly but sometimes still gets the SSLException. There doesn't seem to be any pattern to when this occurs - it might work a few times in a row and then fail repeatedly.
Could be the provider of the certificate is not trusted, try checking trusted providers