How to fix no peer certificate android

Have a question around this project? Sign up for a free account to open an issue and also contact its maintainers and the area.

Pick a username Email Address Password Sign up for

By clicking “Sign up for”, you agree to our terms of organization and privacy statement. We’ll periodically sfinish you account connected emails.

You watching: How to fix no peer certificate android

Alprepared on Sign in to your account


TLS 1.1 and also 1.2 are supported from API 16, however not enabled by default till API 20.

Install TLS 1.2 as soon as needed


The first point we realized was that despite documentation arguing otherwise, not all devices on Android 4.1+ actually assistance TLS 1.2. Even though it is likely because of device manufacturers not fully following the main Android specs, we had actually to execute what we can to ensure this would job-related for our users.

Luckily, Google Play Services provides a way to execute this. The solution is to usage ProviderInstaller from Google Play Services to attempt to upday the device to support the latest and best protection protocols.

Does not seem to occupational, as the root problem was that TLS was not enabled

Try normal HttpsUrlConnection

If we usage any networking library and also suspect it is the cause, then try making use of normal HttpsUrlConnection to inspect.

See more: Why Doesn'T My S4 Screen Is Black Display On A Samsung Phone Or Tablet

class MyHttpRequestTask extends AsyncTaskString,Integer,String>
Override defended String doInBackground(String... params) String my_url = params<0>; try URL url = new URL(my_url); HttpsURLConnection httpURLConnection = (HttpsURLConnection) url.openConnection(); httpURLConnection.setSSLSocketFactory(new MyFactory()); // setting the Research Method Type httpURLConnection.setRequestMethod("GET"); // adding the headers for request httpURLConnection.setRequestProperty("Content-Type", "application/json"); String outcome = readStream(httpURLConnection.getInputStream()); Log.e("HttpsURLConnection", "data" + result.toString()); catch (Exception e) e.printStackTrace(); Log.e("HttpsURLConnection ", "error" + e.toString()); return null; exclusive static String readStream(InputStream is) throws IOException last BufferedReader reader = new BufferedReader(new InputStreamReader(is, Charcollection.forName("US-ASCII"))); StringBuilder full = new StringBuilder(); String line; while ((line = reader.readLine()) != null) full.append(line); if (reader != null) reader.close(); rerotate total.toString(); course MyFactory exoften tends SSLSocketFactory { personal internalSSLSocketFactory; public MyFactory() throws KeyManagementException, NoSuchAlgorithmException SSLContext conmessage = SSLContext.getInstance("TLS"); conmessage.init(null, null, null); internalSSLSocketFactory = context.getSocketFactory();
Override public String<> getDefaultCipherSuites() rerotate internalSSLSocketFactory.getDefaultCipherSuites();
Override public String<> getSupportedCipherSuites() rerotate internalSSLSocketFactory.getSupportedCipherSuites();
Override public Socket createSocket() throws IOException rerotate enableTLSOnSocket(internalSSLSocketFactory.createSocket());
Override public Socket createSocket(Socket s, String hold, int port, boolean autoClose) throws IOException rerotate enableTLSOnSocket(internalSSLSocketFactory.createSocket(s, hold, port, autoClose));
Override public Socket createSocket(String organize, int port) throws IOException, UnknownHostException rerevolve enableTLSOnSocket(internalSSLSocketFactory.createSocket(organize, port));
Override public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException return enableTLSOnSocket(internalSSLSocketFactory.createSocket(hold, port, localHost, localPort));
The key is setEnabledProtocols. Then use

String url = ""brand-new MyHttpRequestTask().execute(url);

Use tradition SSLSocketFactory in some netfunctioning libraries

If our practice MyFactory functions for HttpsUrlConnection, then the problem lies in some third party networking libraries.

The Android documentation for SSLSocket states that TLS 1.1 and TLS 1.2 is supported within android founding API level 16+ (Android 4.1, Jelly Bean). But it is by default disabled but founding with API level 20+ (Android 4.4 for watch, Kitkat Watch and also Android 5.0 for phone, Lollipop) they are allowed. But it is incredibly tough to discover any type of documentation around just how to allow it for phones running 4.1 for instance.

The initially thing you must perform is to make sure that your minimum required API level is 16 to have actually the following code functioning in your task.

See more: Insert A Valid Sim With No Pin Lock, To Activate Iphone

To enable TLS 1.1 and 1.2 you need to produce a practice SSLSocketFactory that is going to proxy all calls to a default SSLSocketFactory implementation. In addition to that execute we need to override all createSocket approaches and callsetEnabledProtocols on the went back SSLSocket to permit TLS 1.1 and also TLS 1.2. For an example implementation simply follow the attach listed below.

import;class MyFactory exoften tends org.apache.http.conn.ssl.SSLSocketFactory public static KeyStore getKeyStore() KeyStore trustStore = null; try trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); trustStore.load(null, null); catch (Throwable t) t.printStackTrace(); rerevolve trustStore; exclusive SSLSocketFactory internalSSLSocketFactory; public MyFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException super(truststore); SSLConmessage context = SSLConmessage.getInstance("TLS"); conmessage.init(null, null, null); internalSSLSocketFactory = context.getSocketFactory();
Override public Socket createSocket(Socket socket, String organize, int port, boolean autoClose) throws IOException, UnknownHostException rerotate enableTLSOnSocket(internalSSLSocketFactory.createSocket(socket, hold, port, autoClose)); exclusive Socket enableTLSOnSocket(Socket socket) if(socket != null && (socket instanceof SSLSocket)) ((SSLSocket)socket).setEnabledProtocols(new String<> "TLSv1.1", "TLSv1.2"); rerotate socket;