How to obtain and use a public SSL certificate for Spotify web API

0
votes

I'm using Volley to pull down xml from Spotify.

Here's an example url:

https://api.spotify.com/v1/search?q=album:The%20Piano%20Starts%20Here%20artist:Art%20Tatum&type=album&limit=5

But when I try to pull the xml down from this website, Volley returns this error message:

javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

I've tried to explain this error to myself in lay-man's terms, and I believe that I need to download a public certificate according to here on SO

First you need to obtain the public certificate from the server you're trying to connect to. That can be done in a variety of ways, such as contacting the server admin and asking for it, using openssl to download it, or, since this appears to be an HTTP server, connecting to it with any browser, viewing the page's security info, and saving a copy of the certificate. (Google should be able to tell you exactly what to do for your specific browser.)

I understand the basic concepts of private and public key cryptography, but I can't really follow these instructions. Could someone please explain these instructions in lay-mans terms?

Thanks

1
javaandroidandroid-volleyspotify
Have you had a look at the spotify documentation? It seems to be pretty detailed and I would start there.gonzo
I figured out the problem. I had an app running in the background that was causing the problem. But out of curiosity, how is it possible that I am connecting to an https without using a certificate?the_prole
You are confused, you as the client do not need a certificate to connect to a server over HTTPS. The server merely needs to present you the client with a public certificate issued by an authority that you trust.rmlan
@rmlan Thanks. So the certificate is just presented to me as soon as I make an https request? I don't need to "find" it?the_prole
Correct. The second block of text you quoted refers to situations where the issuer of the server's certificate is not already trusted by the JVM your code is running on. Major websites (such as Spotify) generally have certificates that are issued by major Certificate Authorities, and thus are trusted out-of-the-box on the JVM.rmlan

1 Answers

0
votes

I figured out the problem. I had an app running in the background that was causing the problem.