“CertPathValidatorException: Trust anchor for cert

I have recently updated the asmack jar. Now I am getting an error like this:

07-18 12:49:29.523: W/XMPPConnection(6817): javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

When I am trying to connect. Earlier everything was working properly (with old version).

回答1:

Yes,with the older version of asmack(till aSmack-0.8.10) below code was working fine without any error if you write something like below,

ConnectionConfiguration connConfig = new ConnectionConfiguration("host_name", 5222 ); connConfig.setSecurityMode(SecurityMode.enabled);

But with the newer version of asmack(aSmack-4.0.4) this error is will remain persist if you use connConfig.setSecurityMode(SecurityMode.enabled);

As mention by @cOcO here The SSL is not properly configured.For this you can use MemorizingTrustManager .

Its an open source library ,download it and import as android project in eclipse and add to you android project as libraryProject.

After adding this library add below lines to your AndroidManifest.xml

<application
        android:allowBackup="true"
        android:icon="@drawable/ic_launcher"
        android:label="@string/app_name"
        android:theme="@style/AppTheme" >

<activity android:name="de.duenndns.ssl.MemorizingActivity"
            android:theme="@android:style/Theme.Translucent.NoTitleBar" />

</application>

Now add below code in your xmpp service

try {
            SSLContext sc = SSLContext.getInstance("TLS");
            sc.init(null, MemorizingTrustManager.getInstanceList(this.getApplicationContext()), new SecureRandom());
            connConfig.setCustomSSLContext(sc);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e);
        } catch (KeyManagementException e) {
            throw new IllegalStateException(e);
        }

Hope above code will solve your problem.

Edit: 16_10_2014 for more information about trust manager you can visit this link https://github.com/Flowdalic/asmack/wiki/Truststore

回答2:

The SSL is not properly configured. Those trust Anchor errors usually mean that the trust store cannot be found. Check your configuration and make sure you are actually pointing to the trust store and that it is in place.