I am using OkHttpClient (by squareup) to make rest api calls in my android app. When a HTTPS url is used, does OkHttpClient use the android system's Trusted Certificates (found in Settings -> Security -> Trusted Credentials) ?
Because I am observing these 2 things :
- The certificate in the server is one issued by
Amazon, which in turn is issued byStarfield Class 2 Certification Authority. The later is added in the android system's list of trusted CAs. But the connection with server works even after I disableStarfield Class 2 Certification Authorityin the android system.
So, I thinkOkHttpClientis not using android system's trusted CAs to validate the certificate given by server?? - I tried with another certificate, this time issued by
StarCom Class 1 Dv CA, which in turn is issued byStarCom Certification Authority. The later is present in android system's trusted CA and is enabled. But still the SSL handshake fails with the reasonjavax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
Can anyone explain what is happening?
Aucun commentaire:
Enregistrer un commentaire