I am trying to make HTTPS calls to site that has 2 SSL certificates: a self-signed certificate and a certificate that was signed by the the first certificate. When I use an HttpClient to send a request to the site, the console logs an untrusted chain, shows both certificates, then print a long stack trace of that is caused by java.security.cert.CertPathValidatorException: Trust anchor for certification path not found
I have installed both certificates on my phone and navigating Chrome to the site shows a trusted connection (it had an untrusted connection warning before I installed the certificates). I believe the issue is that the App refuses to trust self-signed certificates. I do not have access to the server and thus have no influence on its certificates, so installing a certificate signed by a trusted CA is not viable.
Solutions I've tried that have not worked.
ServicePointManager.ServerCertificateValidationCallback doesn't seem to run.
I have tried using my own function for ServicePointManager.ServerCertificateValidationCallback
, but the delegate I give it never seems to run. I have the following code in my MainActivity.OnCreate method, but the console never logs the message:
System.Net.ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) =>
return true;
HttpClientHandler.ServerCertificateCustomValidationCallback throws an exception.
I have tried using an HttpClientHandler
and settings its ServerCertificateCustomValidationCallback
, but I just get the message:
System.NotImplementedException: The method or operation is not implemented. at System.Net.Http.HttpClientHandler.set_ServerCertificateCustomValidationCallback (System.Func`5[T1,T2,T3,T4,TResult] value)
Setup code:
HttpClientHandler handler = new HttpClientHandler();
handler.ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true;
HttpClient client = new HttpClient(handler);
with its default settings (except when I tried to use an HttpClientHandler). – Aaron TSystem.Net.WebException: Unable to read data from the transport connection: Connection reset by peer.
. – Aaron T