I have an http request that worked as http://blah.com and now I have been asked to use https://blah.com
The former works and the later fails with a Network I/O error. Are there any missing parameter settings that I need for the client?
The URL request:
D/MyAppWebservice(23142): http-transform :) [https://cdp.mobibob.com:8151/DoTransaction]
Following is the log:
E/MyAppContentProvider(23142): com.mobibob.myapp.MyAppExceptions$ParseException: Network or I/O error calling web service.
W/System.err(23142): com.mobibob.myapp.MyAppExceptions$ParseException: Network or I/O error calling web service.
W/System.err(23142): at com.mobibob.myapp.MyAppWebservice.queryApi(MyAppWebservice.java:558)
W/System.err(23142): at com.mobibob.myapp.MyAppContentProvider.queryWebservice(MyAppContentProvider.java:751)
W/System.err(23142): at com.mobibob.myapp.MyAppContentProvider.query(MyAppContentProvider.java:440)
W/System.err(23142): at android.content.ContentProvider$Transport.query(ContentProvider.java:130)
W/System.err(23142): at android.content.ContentResolver.query(ContentResolver.java:202)
W/System.err(23142): at com.mobibob.myapp.ui.DownloadActivity.goGenDownloadTransaction(DownloadActivity.java:168)
W/System.err(23142): at com.mobibob.myapp.ui.DownloadActivity$DownloadTransaction.doInBackground(DownloadActivity.java:90)
W/System.err(23142): at com.mobibob.myapp.ui.DownloadActivity$DownloadTransaction.doInBackground(DownloadActivity.java:1)
W/System.err(23142): at android.os.AsyncTask$2.call(AsyncTask.java:185)
W/System.err(23142): at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:305)
W/System.err(23142): at java.util.concurrent.FutureTask.run(FutureTask.java:137)
W/System.err(23142): at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1068)
W/System.err(23142): at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:561)
W/System.err(23142): at java.lang.Thread.run(Thread.java:1096)
W/System.err(23142): Caused by: java.io.IOException: SSL handshake failure: I/O error during system call, Unknown error: 0
W/System.err(23142): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.nativeconnect(Native Method)
W/System.err(23142): at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:305)
W/System.err(23142): at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:92)
W/System.err(23142): at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:321)
W/System.err(23142): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:129)
W/System.err(23142): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
W/System.err(23142): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
W/System.err(23142): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:348)
W/System.err(23142): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
W/System.err(23142): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
W/System.err(23142): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)
W/System.err(23142): at com.mobibob.myapp.MyAppWebservice.queryApi(MyAppWebservice.java:510)
W/System.err(23142): ... 13 more
Https almost always implies a different port being used (standard http=>80; standard https=>443). You have a hardcoded port (8151). I'm guessing the https servlet is listening on a different port.
Or you're trying to connect to a server that doesn't support https.
Related
I copied the client certificate to the device, save to local storage, then install certificate from storage. I'm using DataPower to terminate the SSL and validate the certificate before forwarding requests to Worklight.
When I try to connect, it fails with log message stating "establisheSSLClientAuth isCertificateExists: false" and an SSLHandshakeException.
I assume this means the client is not sending the client certificate. This all happens under the covers with Worklight, so I'm trying to figure out how to tell it to use a specific certificate.
02-11 12:29:23.147: D/NONE(5995): wlclient init success
02-11 12:29:23.147: D/NONE(5995): establishSSLClientAuth isCertificateExists: false
02-11 12:29:23.157: D/NONE(5995): Request [/apps/services/api/MyMobileApp/android/init]
02-11 12:29:23.237: D/HttpPostRequestSender(5995): WLHybridRequestSender.run in WLHybridRequestSender.java:47 :: Sending request https://10.75.29.27/MQTTClient/apps/services/api/MyMobileApp/android/init
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): WLNativeXHRPlugin$NativeXHRPostListener.onException in WLNativeXHRPlugin.java:154 :: onException
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake terminated: ssl=0x784e3468: Failure in SSL library, usually a protocol error
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure (external/openssl/ssl/s3_pkt.c:1256 0x7849ae90:0x00000003)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:468)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): at android.net.SSLCertificateSocketFactory.verifyHostname(SSLCertificateSocketFactory.java:232)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): at android.net.SSLCertificateSocketFactory.createSocket(SSLCertificateSocketFactory.java:481)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:382)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:165)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:360)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:670)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:509)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): at com.worklight.wlclient.WLHybridRequestSender.run(WLHybridRequestSender.java:63)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): at java.lang.Thread.run(Thread.java:841)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): Caused by: javax.net.ssl.SSLProtocolException: SSL handshake terminated: ssl=0x784e3468: Failure in SSL library, usually a protocol error
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure (external/openssl/ssl/s3_pkt.c:1256 0x7849ae90:0x00000003)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:425)
02-11 12:29:23.477: E/com.worklight.androidgap.plugin.WLNativeXHRPlugin(5995): ... 13 more
02-11 12:29:23.497: E/NONE(5995): [/apps/services/api/MyMobileApp/android/init] Host is not responsive. Try to manually access the URL through the android emulator browser to verify connectivity.
02-11 12:29:23.507: I/NONE(5995): Failed connecting to Worklight Server.
02-11 12:29:28.102: E/ViewRootImpl(5995): sendUserActionEvent() mView == null
The problem is we need to be able to specify what Client Certificate to use on the WL.CLient instead of WL.Server pushing the the Client Certificate to the WL.Client. I saw an Android demo of using credentials obtained from an NFC card using a custom created Cordova plugin and ChallengeHandlers. While a plugin could be created to get the credentials, I don't think it solves the problem when you add DataPower into the mix.
Worklight will only use a certificate that it has provisioned unto the device, not one that you place there manually.
Worklight's User Cert Auth feature can use your PKI of choice, to provision the client device with a x509 client certificate. However, it first takes care to validate device, app and user has authenticated before the certificate is installed for future use.
To learn more about Worklight's User Certificate Authentication feature visit:
http://www-01.ibm.com/support/knowledgecenter/?lang=en#!/SSHS8R_6.3.0/com.ibm.worklight.monitor.doc/monitor/c_user_CA.html
Another option is to have Datapower do one way SSL. Meaning it can accept but not require a client certificate.
I am developing an app for Android. I have been happily developing it for a while, connecting the phone to the PC using a USB, using 192.168.x.x as the address the code points to log in, etc.
I started my IDE a couple of hours before, and without changing a single comma anywhere, I receive an Exception:
10-21 17:15:04.177: W/System.err(24232): org.apache.http.conn.ConnectTimeoutException: Connect to /192.168.1.4:8080 timed out
10-21 17:15:04.177: W/System.err(24232): at org.apache.http.conn.scheme.PlainSocketFactory.connectSocket(PlainSocketFactory.java:121)
10-21 17:15:04.187: W/System.err(24232): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:144)
10-21 17:15:04.187: W/System.err(24232): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
10-21 17:15:04.197: W/System.err(24232): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
10-21 17:15:04.197: W/System.err(24232): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:360)
10-21 17:15:04.197: W/System.err(24232): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
10-21 17:15:04.197: W/System.err(24232): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
10-21 17:15:04.197: W/System.err(24232): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)
10-21 17:15:04.197: W/System.err(24232): at myPackage.CustomHttpClient.executeHttpPost(CustomHttpClient.java:54)
10-21 17:15:04.197: W/System.err(24232): at myPackage.LoginActivity$3$1.run(LoginActivity.java:113)
I have checked the server is up
My phone is connected to the same wifi the PC with the server is
Internet permission is in my manifest
I do have Internet, since I am writing this here
My phone has Internet, since I have been accessing the internet with him, via the same WiFi
Did ipconfig to make sure the IP is correct
i am getting mad... any help? Thank you!
A very weird thing happened. When I did ipconfig I would swear over the most sacred thing on earth i saw 192.168.1.4. I did it more than one time, always saying 192.168.1.4. After posting this question I did it again...and it showed 192.168.1.3. i changed it in the Android app and now i am able to access server.
Is there some time between an IP has changed and the ipconfig shows it? Because im SURE it said 192.168.1.4 the first 3 times I did it...
I am developing an Android app that involves calls to a RESTful API. I have the REST service written in Python, running on my laptop (192.168.156.1) on port 8080. I have my phone tethered to my laptop with a Connectify Wifi connection. The phone is at 192.168.156.112. Now, I can access the service from the phone's browser with a URL such as http://192.168.156.1:8080/lighting/12345. However, when I try to access it from the app, i get a 'Connection Refused' error in LogCat. The following is the code i'm using to make the connection.
String sampleURL = "`http://192.168.156.1:8080/lighting/weert`";
HttpClient Client = new DefaultHttpClient();
try
{
HttpGet httpget = new HttpGet(sampleURL);
String serverString = "";
HttpResponse response= Client.execute(httpget);
StatusLine statusLine = response.getStatusLine();
if (statusLine.getStatusCode() == HttpStatus.SC_OK) {
ByteArrayOutputStream out = new ByteArrayOutputStream();
response.getEntity().writeTo(out);
out.close();
serverString = out.toString();
}
threadMsg(SetServerString);
}
catch(Exception ex){
Log.e("RESTCALL",ex.getMessage());
threadMsg("Fail!");
}
threadMsg() is the method that passes the response string back to the UI thread.
Any help resolving this issue would be great! Thanks in advance!
Update: Adding Stack Trace
I/ActivityManager( 246): START {act=android.intent.action.MAIN cat= [android.intent.category.LAUNCHER] flg=0x10200000 cmp=com.example.testreceiver/.MainActivity u=0} from pid 464
I/ActivityManager( 246): Displayed com.example.testreceiver/.MainActivity: +315ms
W/System.err(15799): org.apache.http.conn.HttpHostConnectException: Connection to http://192.168.156.1:8080 refused
D/AudioHardware( 89): AudioHardware pcm playback is going to standby.
D/AudioHardware( 89): closePcmOut_l() mPcmOpenCnt: 1
W/System.err(15799): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:183)
W/System.err(15799): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
W/System.err(15799): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
W/System.err(15799): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:360)
W/System.err(15799): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
W/System.err(15799): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
W/System.err(15799): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)
W/System.err(15799): at com.example.testreceiver.MainActivity$1.run(MainActivity.java:47)
W/System.err(15799): at java.lang.Thread.run(Thread.java:856)
W/System.err(15799): Caused by: java.net.ConnectException: failed to connect to /192.168.156.1 (port 8080): connect failed: EHOSTUNREACH (No route to host)
W/System.err(15799): at libcore.io.IoBridge.connect(IoBridge.java:114)
W/System.err(15799): at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:192)
W/System.err(15799): at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:459)
W/System.err(15799): at java.net.Socket.connect(Socket.java:842)
W/System.err(15799): at org.apache.http.conn.scheme.PlainSocketFactory.connectSocket(PlainSocketFactory.java:119)
W/System.err(15799): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:144)
W/System.err(15799): ... 8 more
W/System.err(15799): Caused by: libcore.io.ErrnoException: connect failed: EHOSTUNREACH (No route to host)
W/System.err(15799): at libcore.io.Posix.connect(Native Method)
W/System.err(15799): at libcore.io.BlockGuardOs.connect(BlockGuardOs.java:85)
W/System.err(15799): at libcore.io.IoBridge.connectErrno(IoBridge.java:127)
W/System.err(15799): at libcore.io.IoBridge.connect(IoBridge.java:112)
W/System.err(15799): ... 13 more
E/RESTCALL(15799): Connection to `http://192.168.156.1:8080` refused
Also, here is the code that's running on the server.
import socket
from bottle import route, run#route('/lighting/<name>', method='GET')
def hello(name="ABC"):
return name
run(host='192.168.156.1', port=8080, debug=True)
Problem solved! I stopped using the connectify hotspot and switched to a router, which my phone and laptop are connected to now.
hi frnds i installed my application on my tablet. which use some web services of my server application. my tablet and PC is connected in same network.
my pc has ip address : 192.168.1.1
and my tablet has ip ; 192.168.1.6
my server application is running. but i cant connect with my server
and my server running in jBoss not in tomcat.
when i run localhost:8080.. in browser it open the jboss community page but when i give <1p address>:8080 it doesn't open the jboss community page
my Log cat :
05-29 09:38:08.045: W/System.err(334): org.apache.http.conn.HttpHostConnectException: Connection to http://192.168.1.1:8080 refused
05-29 09:38:08.081: W/System.err(334): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:178)
05-29 09:38:08.081: W/System.err(334): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
05-29 09:38:08.081: W/System.err(334): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
05-29 09:38:08.081: W/System.err(334): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:359)
05-29 09:38:08.081: W/System.err(334): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
05-29 09:38:08.081: W/System.err(334): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
05-29 09:38:08.081: W/System.err(334): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)
You must be using this command to run your server
D:\jboss-5.0.0.CR2\bin>run.bat
But this will only run on localhost not on network.So try this code to run your server
D:\jboss-5.0.0.CR2\bin>run.bat -b 0.0.0.0
And then try using IP Address.I think this will solve your problem.
I'am trying to connect to SSL rest service from Android. The server uses a SSL cert that is not from a common CA (Thawte, Verisign...)
I'have used this example to proceed: http://blog.antoine.li/2010/10/22/android-trusting-ssl-certificates/
However, although I've done all the steps mentioned (create a BKS provider, create a a custom SchemeRegistry) I have still the error: "No peer certificate".
The code to call the service (from an AsyncTask):
DefaultHttpClient client = new MyHttpClient(mainActivity[0].getApplicationContext());
HttpGet get = new HttpGet("<url of the service>");
get.addHeader("Autorization","Basic YW5kcm9pZDo=");
// Execute the GET call and obtain the response
HttpResponse getResponse;
try {
getResponse = client.execute(get);
....
The code of the MyHttpClient is the same of the blog example. Doing the client.execute(get) crashes with the execption:
01-06 21:47:03.615: W/System.err(19289): javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
01-06 21:47:03.625: W/System.err(19289): at org.apache.harmony.xnet.provider.jsse.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:137)
01-06 21:47:03.630: W/System.err(19289): at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:93)
01-06 21:47:03.635: W/System.err(19289): at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:381)
01-06 21:47:03.640: W/System.err(19289): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:165)
01-06 21:47:03.645: W/System.err(19289): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164)
01-06 21:47:03.645: W/System.err(19289): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119)
01-06 21:47:03.645: W/System.err(19289): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:360)
01-06 21:47:03.650: W/System.err(19289): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
01-06 21:47:03.650: W/System.err(19289): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
01-06 21:47:03.650: W/System.err(19289): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)
01-06 21:47:03.650: W/System.err(19289): at validatedid.helloworldandroid.DownloadDevicePendingDocsTask.doInBackground(DownloadDevicePendingDocsTask.java:41)
01-06 21:47:03.650: W/System.err(19289): at validatedid.helloworldandroid.DownloadDevicePendingDocsTask.doInBackground(DownloadDevicePendingDocsTask.java:1)
01-06 21:47:03.655: W/System.err(19289): at android.os.AsyncTask$2.call(AsyncTask.java:264)
01-06 21:47:03.655: W/System.err(19289): at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:305)
01-06 21:47:03.655: W/System.err(19289): at java.util.concurrent.FutureTask.run(FutureTask.java:137)
01-06 21:47:03.655: W/System.err(19289): at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:208)
01-06 21:47:03.660: W/System.err(19289): at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1076)
01-06 21:47:03.660: W/System.err(19289): at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:569)
01-06 21:47:03.660: W/System.err(19289): at java.lang.Thread.run(Thread.java:856)
In some places say it could be an error from the server but I don't know how to check that. Any help would be really apreciated.
Thanks in advance.
Looking more into stackoverflow I find the solution to the problem.
Looks like using the code from http://blog.antoine.li/2010/10/22/android-trusting-ssl-certificates/ is not enough (at least for me).
SSLSocketFactory needs to be subclassed. Full explanation in: Trusting all certificates using HttpClient over HTTPS
I leave here the answer in case anybody arrives here.
I hope in next versions of Android it will be a easier way to acces rest services with https because is a common task and currently is not very easy.
I used ->this<- to make my Https Self-Signed Certificate connections, without disabling certificate or host validation, so it's REALLY secure from SSL pov.
In resume, need to create a Custom Keystore on your app so you can validate your server HTTP against the app KeyStore.
It's dissapointing to see that too much people consider disabling SSL validations a correct answer to this type of questions, when in fact, the whole point of SSL is Security and Validations. If you intend to avoid any validation, just stick to plain HTTP
Please refer to this answer i've recently made on another question