Btukfyl

I'm trying to connect to a WCF server using HTTPS connection (UrlHttpsConnection class) and always get the error "Trust anchor for certification path not found".
I found thousands examples on the Web about that issue but nothing that really helps me.

My WCF service works with a certificate signed by an internal CA that has been added to the list of trusted CAs on my smartphone. If I call the url https://myserver/myservice/test from Chrome on my smartphone, I no longer have warning, the certificate is considered as valid. From my app, I keep getting the error message.

Do you know why my app does not consider the server certificate as valid while Chrome does ? How can I fix that ?

For security reasons, I don't want ignore the SSL verification.

Thank you in advance for your suggestions.

Try this way but i used retrofit for api calling..

  public class ApiClient {

//public final static String BASE_URL = "https://prod.appowiz.com/app/services/";

public final static String BASE_URL_SECURE = "Pass your url";



public static ApiClient apiClient;



private Retrofit retrofit = null;

private static Retrofit storeRetrofit = null;



public Retrofit getClient(Context context) {

    HttpLoggingInterceptor interceptor = new HttpLoggingInterceptor();

    interceptor.setLevel(HttpLoggingInterceptor.Level.BODY);

    OkHttpClient client = new OkHttpClient.Builder().addInterceptor(interceptor).build();



    retrofit = new Retrofit.Builder()

            .baseUrl(BASE_URL_SECURE)

            .addConverterFactory(GsonConverterFactory.create())

            .client(client)

            .build();





    return retrofit;

}

 public static Retrofit getStore() {

    if (storeRetrofit == null) {

        final TrustManager trustAllCerts = new TrustManager{new X509TrustManager() {

            @Override

            public void checkClientTrusted(java.security.cert.X509Certificate chain, String authType) {



            }





            @Override

            public void checkServerTrusted(java.security.cert.X509Certificate chain, String authType) {



            }





            @Override

            public java.security.cert.X509Certificate getAcceptedIssuers() {



                return new java.security.cert.X509Certificate[0];

            }

        }};



        // Install the all-trusting trust manager

        final SSLContext sslContext;

        HttpLoggingInterceptor interceptor = new HttpLoggingInterceptor();

        interceptor.setLevel(HttpLoggingInterceptor.Level.BODY);

        try {

            sslContext = SSLContext.getInstance("TLS");

            sslContext.init(null, trustAllCerts, new java.security.SecureRandom());

            final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

            final OkHttpClient okHttpClient = new OkHttpClient.Builder()

                    .addInterceptor(interceptor)

                    .connectTimeout(10, TimeUnit.SECONDS)

                    .writeTimeout(10, TimeUnit.SECONDS)

                    .readTimeout(30, TimeUnit.SECONDS)

                    .sslSocketFactory(sslSocketFactory).hostnameVerifier(org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)

                    .build();

            storeRetrofit = new Retrofit.Builder()

                    .baseUrl(BASE_URL_SECURE)

                    .addConverterFactory(GsonConverterFactory.create())

                    .client(okHttpClient)

                    .build();





        } catch (NoSuchAlgorithmException | KeyManagementException e1) {

            CustomLogHandler.printErrorlog(e1);

        }



    }



    return storeRetrofit;

}

for api calling create interface..

public interface ApiInterface {



@POST("device/add_device_name")

Call<AddDeviceNameVo> addDeviceName(@Body JsonObject body);



 }

called api into activity or fragment like this way..

        apiInterface = ApiClient.getStore().create(ApiInterface.class);