java - DefaultHttpClient, Certificates, Https and posting problem!
My application needs to be able to post over HTTPS and preserve the session created by cookies. So far, I have tried several different ways of solving this problem and none are working. I am looking at using DefaultHttpClient because it is supposed to automatically preserve the sessions created by cookies. That saves me the pain of reading the cookie and submitting it with every other post. However, when I try to post using the code I have, the post fails with the certificate error listed below.

I had a certificate error earlier with the way I was trying to solve this problem and got it working with HttpsURLConnection, but that does not preserve sessions with cookies automatically.

Can someone please take a look at my code and tell me what I am doing wrong, what I can do better, and what needs to change for it to work? Thanks!!

I have been trying to solve this problem for a few days and am getting nowhere. Every time I get a little further, I get pushed further back. Can someone please assist me! =)
```java
// My posting function
private static String post(String urlString, List<NameValuePair> nameValuePairs)
        throws MalformedURLException, ProtocolException, IOException {
    DataOutputStream ostream = null;
    // ALLOW_ALL_HOSTNAME_VERIFIER accepts any host name in the server certificate
    HostnameVerifier hostnameVerifier =
            org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;

    DefaultHttpClient client = new DefaultHttpClient();

    // Register an HTTPS scheme backed by the default socket factory (system trust store)
    SchemeRegistry registry = new SchemeRegistry();
    SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
    socketFactory.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
    registry.register(new Scheme("https", socketFactory, 443));
    SingleClientConnManager mgr = new SingleClientConnManager(client.getParams(), registry);
    DefaultHttpClient http = new DefaultHttpClient(mgr, client.getParams());

    HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);

    // Send the form-encoded POST
    HttpPost httpPost = new HttpPost(urlString);
    httpPost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
    HttpResponse response = http.execute(httpPost);
    return response.toString();
}
```

The error:

```
04-12 00:37:43.941: warn/system.err(284): javax.net.ssl.sslexception: not trusted server certificate
04-12 00:37:43.961: warn/system.err(284): at org.apache.harmony.xnet.provider.jsse.opensslsocketimpl.starthandshake(opensslsocketimpl.java:371)
04-12 00:37:43.961: warn/system.err(284): at org.apache.http.conn.ssl.abstractverifier.verify(abstractverifier.java:92)
04-12 00:37:43.970: warn/system.err(284): at org.apache.http.conn.ssl.sslsocketfactory.createsocket(sslsocketfactory.java:381)
04-12 00:37:43.980: warn/system.err(284): at org.apache.http.impl.conn.defaultclientconnectionoperator.openconnection(defaultclientconnectionoperator.java:164)
04-12 00:37:43.980: warn/system.err(284): at org.apache.http.impl.conn.abstractpoolentry.open(abstractpoolentry.java:164)
04-12 00:37:43.992: warn/system.err(284): at org.apache.http.impl.conn.abstractpooledconnadapter.open(abstractpooledconnadapter.java:119)
04-12 00:37:44.000: warn/system.err(284): at org.apache.http.impl.client.defaultrequestdirector.execute(defaultrequestdirector.java:348)
04-12 00:37:44.000: warn/system.err(284): at org.apache.http.impl.client.abstracthttpclient.execute(abstracthttpclient.java:555)
04-12 00:37:44.000: warn/system.err(284): at org.apache.http.impl.client.abstracthttpclient.execute(abstracthttpclient.java:487)
04-12 00:37:44.020: warn/system.err(284): at org.apache.http.impl.client.abstracthttpclient.execute(abstracthttpclient.java:465)
04-12 00:37:44.020: warn/system.err(284): at cpe495.smartapp.smartdbhelper.post(smartdbhelper.java:208)
04-12 00:37:44.030: warn/system.err(284): at cpe495.smartapp.smartdbhelper.authenticate(smartdbhelper.java:105)
04-12 00:37:44.030: warn/system.err(284): at cpe495.smartapp.datasender.submitdata(datasender.java:28)
04-12 00:37:44.040: warn/system.err(284): at cpe495.smartapp.datasender.senddata(datasender.java:21)
04-12 00:37:44.051: warn/system.err(284): at cpe495.smartapp.smartapp$1.datareceivedreceived(smartapp.java:60)
04-12 00:37:44.061: warn/system.err(284): at cpe495.smartapp.connectdevice.firedatareceivedevent(connectdevice.java:287)
04-12 00:37:44.061: warn/system.err(284): at cpe495.smartapp.connectdevice.run(connectdevice.java:254)
04-12 00:37:44.071: warn/system.err(284): at java.lang.thread.run(thread.java:1096)
04-12 00:37:44.071: warn/system.err(284): caused by: java.security.cert.certificateexception: java.security.cert.certpathvalidatorexception: trustanchor certpath not found.
04-12 00:37:44.090: warn/system.err(284): at org.apache.harmony.xnet.provider.jsse.trustmanagerimpl.checkservertrusted(trustmanagerimpl.java:168)
04-12 00:37:44.100: warn/system.err(284): at org.apache.harmony.xnet.provider.jsse.opensslsocketimpl.starthandshake(opensslsocketimpl.java:366)
04-12 00:37:44.110: warn/system.err(284): ... 17 more
04-12 00:37:44.110: warn/system.err(284): caused by: java.security.cert.certpathvalidatorexception: trustanchor certpath not found.
04-12 00:37:44.129: warn/system.err(284): at org.bouncycastle.jce.provider.pkixcertpathvalidatorspi.enginevalidate(pkixcertpathvalidatorspi.java:149)
04-12 00:37:44.150: warn/system.err(284): at java.security.cert.certpathvalidator.validate(certpathvalidator.java:202)
04-12 00:37:44.150: warn/system.err(284): at org.apache.harmony.xnet.provider.jsse.trustmanagerimpl.checkservertrusted(trustmanagerimpl.java:164)
04-12 00:37:44.150: warn/system.err(284): ... 18 more
```
This issue is due to the fact that the client application is not able to validate and build a certificate path between a trust anchor (a root trusted certification authority) and the SSL server certificate. Therefore the certificate is not trusted and the SSL handshake fails.

The Apache HttpClient API provides a nice feature for you. The SSLSocketFactory constructor can take a KeyStore parameter, which contains the trusted certificates.

Then you can:

- Create a KeyStore with keytool containing either the root CA certificate or the server certificate directly.
- Add this KeyStore to your application.
- Build an SSLSocketFactory with this KeyStore.

For technical details and code snippets you can read this blog post by Bob Lee: http://blog.crazybob.org/2010/02/android-trusting-ssl-certificates.html
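
The three steps in the answer above, as an added example that is not part of the original question or answer: it loads a keystore of trusted certificates and builds a `DefaultHttpClient` that validates the server chain against it while keeping hostname verification enabled. The class name `TrustStoreHttpClient`, the method `build`, and the way the keystore stream, type and password are supplied are assumptions made for illustration.

```java
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;

import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.SingleClientConnManager;
import org.apache.http.params.BasicHttpParams;
import org.apache.http.params.HttpParams;

/** Hypothetical helper: an HTTPS client that trusts only the certificates in one keystore. */
public final class TrustStoreHttpClient {
    private TrustStoreHttpClient() {}

    /**
     * @param trustStoreStream keystore created with keytool that holds the root CA
     *                         certificate or the server certificate (assumed to be
     *                         bundled with the application)
     * @param storeType        keystore format, e.g. "BKS" on Android or "JKS" on a desktop JVM
     * @param storePassword    password chosen when the keystore was created
     */
    public static DefaultHttpClient build(InputStream trustStoreStream, String storeType,
            char[] storePassword) throws GeneralSecurityException, IOException {
        KeyStore trusted = KeyStore.getInstance(storeType);
        try {
            trusted.load(trustStoreStream, storePassword);
        } finally {
            trustStoreStream.close();
        }

        // Chain validation now uses the anchors in 'trusted', so the
        // "TrustAnchor not found" failure goes away without disabling any check.
        SSLSocketFactory sslFactory = new SSLSocketFactory(trusted);
        // Keep hostname verification on instead of ALLOW_ALL_HOSTNAME_VERIFIER.
        sslFactory.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);

        SchemeRegistry registry = new SchemeRegistry();
        registry.register(new Scheme("https", sslFactory, 443));

        HttpParams params = new BasicHttpParams();
        // SingleClientConnManager serves one request at a time, as in the question's code.
        ClientConnectionManager mgr = new SingleClientConnManager(params, registry);
        return new DefaultHttpClient(mgr, params);
    }
}
```

Build the client once and reuse the same instance for every post: the cookie store lives in the `DefaultHttpClient` object, so a new client per request starts without the session cookies.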