Aerogear SSLHandshakeException CertPathValidatorException

Я только начал тестировать решение для push-уведомлений aerogear. Я установил его локально через докер. Кажется, что есть проблемы с сертификатом SSL. Я даже нашел этот билет, который, кажется, закрыт. Я попытался зарегистрировать эмулятор Android, и у меня возникает следующая проблема:

javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:328)
at com.android.okhttp.internal.http.SocketConnector.connectTls(SocketConnector.java:103)
at com.android.okhttp.Connection.connect(Connection.java:143)
at com.android.okhttp.Connection.connectAndSetOwner(Connection.java:185)
at com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:128)
at com.android.okhttp.internal.http.HttpEngine.nextConnection(HttpEngine.java:341)
at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:330)
at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:248)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:433)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:114)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.getOutputStream(HttpURLConnectionImpl.java:245)
at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.getOutputStream(DelegatingHttpsURLConnection.java:218)
at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java)
at org.jboss.aerogear.android.pipe.http.HttpRestProvider.addBodyRequest(HttpRestProvider.java:219)
at org.jboss.aerogear.android.pipe.http.HttpRestProvider.post(HttpRestProvider.java:147)
at org.jboss.aerogear.android.pipe.http.HttpRestProvider.post(HttpRestProvider.java:134)
at org.jboss.aerogear.android.unifiedpush.fcm.AeroGearFCMPushRegistrar$4.doInBackground(AeroGearFCMPushRegistrar.java:180)
at org.jboss.aerogear.android.unifiedpush.fcm.AeroGearFCMPushRegistrar$4.doInBackground(AeroGearFCMPushRegistrar.java:135)
at android.os.AsyncTask$2.call(AsyncTask.java:295)
at java.util.concurrent.FutureTask.run(FutureTask.java:237)
at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:234)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588)
at java.lang.Thread.run(Thread.java:818)
Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:318)
at com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:219)
at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:115)
at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:556)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:324)
at com.android.okhttp.internal.http.SocketConnector.connectTls(SocketConnector.java:103) 
at com.android.okhttp.Connection.connect(Connection.java:143) 
at com.android.okhttp.Connection.connectAndSetOwner(Connection.java:185) 
at com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:128) 
at com.android.okhttp.internal.http.HttpEngine.nextConnection(HttpEngine.java:341) 
at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:330) 
at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:248) 
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:433) 
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:114) 
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.getOutputStream(HttpURLConnectionImpl.java:245) 
at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.getOutputStream(DelegatingHttpsURLConnection.java:218) 
at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java) 
at org.jboss.aerogear.android.pipe.http.HttpRestProvider.addBodyRequest(HttpRestProvider.java:219) 
at org.jboss.aerogear.android.pipe.http.HttpRestProvider.post(HttpRestProvider.java:147) 
at org.jboss.aerogear.android.pipe.http.HttpRestProvider.post(HttpRestProvider.java:134) 
at org.jboss.aerogear.android.unifiedpush.fcm.AeroGearFCMPushRegistrar$4.doInBackground(AeroGearFCMPushRegistrar.java:180) 
at org.jboss.aerogear.android.unifiedpush.fcm.AeroGearFCMPushRegistrar$4.doInBackground(AeroGearFCMPushRegistrar.java:135) 
at android.os.AsyncTask$2.call(AsyncTask.java:295) 
at java.util.concurrent.FutureTask.run(FutureTask.java:237) 
at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:234) 
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113) 
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588) 
at java.lang.Thread.run(Thread.java:818) 
Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:318) 
at com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:219) 
at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:115) 
at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:556) 
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method) 
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:324) 
at com.android.okhttp.internal.http.SocketConnector.connectTls(SocketConnector.java:103) 
at com.android.okhttp.Connection.connect(Connection.java:143) 
at com.android.okhttp.Connection.connectAndSetOwner(Connection.java:185) 
at com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:128) 
at com.android.okhttp.internal.http.HttpEngine.nextConnection(HttpEngine.java:341) 
at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:330) 
at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:248) 
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:433) 
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:114) 
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.getOutputStream(HttpURLConnectionImpl.java:245) 
at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.getOutputStream(DelegatingHttpsURLConnection.java:218) 
at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java) 
at org.jboss.aerogear.android.pipe.http.HttpRestProvider.addBodyRequest(HttpRestProvider.java:219) 
at org.jboss.aerogear.android.pipe.http.HttpRestProvider.post(HttpRestProvider.java:147) 
at org.jboss.aerogear.android.pipe.http.HttpRestProvider.post(HttpRestProvider.java:134) 
at org.jboss.aerogear.android.unifiedpush.fcm.AeroGearFCMPushRegistrar$4.doInBackground(AeroGearFCMPushRegistrar.java:180) 
at org.jboss.aerogear.android.unifiedpush.fcm.AeroGearFCMPushRegistrar$4.doInBackground(AeroGearFCMPushRegistrar.java:135) 
at android.os.AsyncTask$2.call(AsyncTask.java:295) 
at java.util.concurrent.FutureTask.run(FutureTask.java:237) 
at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:234) 
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113) 
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588) 
at java.lang.Thread.run(Thread.java:818) 
Источник

1 ответ

Wildfly внутри Docker использует самозаверяющий сертификат для шифрования HTTP-трафика между Android и UPS. Есть несколько способов обойти это.

  1. Подпишите свой сертификат, используя центр сертификации
  2. Откройте порт 8080 в образе Docker и подключитесь с помощью этого
  3. Используйте закрепление сертификатов в Android N и загрузите сертификат SSL, который Wildfly использует в ваше приложение ( https://developer.android.com/training/articles/security-config.html)
  4. Внедрить TrustManager, который игнорирует ошибки SSL ( сообщая java принять самоподписанный ssl-сертификат)
Источник
Другие вопросы по тегам