24

I am having the following error Hostname domain.com not verified: Not "javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated" I was able before to connect to different host, in this host I am facing problems , how to fix it 

 javax.net.ssl.SSLPeerUnverifiedException: Hostname domain.com not verified:
    certificate: sha1//WQM9QbrKs6DCFa9qN/EIw1ywBw=
    DN: CN=*.ipage.com,OU=Domain Control Validated - RapidSSL(R),OU=See www.rapidssl.com/resources/cps (c)14,OU=GT29505539
    subjectAltNames: [*.ipage.com, ipage.com]
            at com.squareup.okhttp.Connection.connectTls(Connection.java:244)
            at com.squareup.okhttp.Connection.connectSocket(Connection.java:199)
            at com.squareup.okhttp.Connection.connect(Connection.java:172)
            at com.squareup.okhttp.Connection.connectAndSetOwner(Connection.java:367)
            at com.squareup.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:128)
            at com.squareup.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:328)
            at com.squareup.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:245)
            at com.squareup.okhttp.Call.getResponse(Call.java:267)

this is my code

  try {
                    JSONObject jsonObject = new JSONObject();
                    jsonObject.accumulate("name", name);
                    jsonObject.accumulate("password", pass);
                    jsonObject.accumulate("email", emails);
                    json = jsonObject.toString();
                    Log.e("MYAPP", "getjson");

                } catch (JSONException e) {
                    Log.e("MYAPP", "unexpected JSON exception", e);
                }
                try{
                    RequestBody formBody = new FormEncodingBuilder()
                            .add("name", name)
                            .build();
                    Request request = new Request.Builder()
                            .url("https://justedhak.com/Files/users.php")
                            .post(formBody)
                            .build();
Improve this question
24
  • 1
    @Moudiz do it with http, maybe https is not available on server side Commented Nov 5, 2015 at 8:59
  • 2
    @Moudiz Yes, you have to contact the host. Commented Nov 5, 2015 at 8:59
  • 1
    let it be i am too lazy to write the whole answer again :P Glad i was helpful to you :) Commented Nov 5, 2015 at 9:13
  • 1
    Pls read my answer at the following stackoverflow.com/questions/33067368/… Commented Nov 5, 2015 at 14:55
  • 1
    I really appreciat that your helping me in all my questions , my problem was I didnt purchase the certificate from the host. so I am accessing the php files such way http in the future maybe ill use SSL @BNK Commented Nov 5, 2015 at 15:18

3 Answers 3

Reset to default
33

UPDATE

Because the exception is javax.net.ssl.SSLPeerUnverifiedException: Hostname justedhak.com not verified with DN: CN=*.ipage.com... and subjectAltNames: [*.ipage.com, ipage.com]

As a result, you can replace the setHostnameVerifier at my below sample code (because return true is not recommended) by the following:

client.setHostnameVerifier(new HostnameVerifier() {
            @Override
            public boolean verify(String hostname, SSLSession session) {
                //return true;
                HostnameVerifier hv =
                        HttpsURLConnection.getDefaultHostnameVerifier();
                return hv.verify("ipage.com", session);
            }
        });

You will get the success result as the below screenshot too.

If you want to work with that host's HTTPS only for your learning purpose or developing environment, you can refer the following way, of course you can change my GET request by your POST one:

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        mTextView = (TextView) findViewById(R.id.textView);
        mHandler = new Handler(Looper.getMainLooper());
        OkHttpClient client = new OkHttpClient();
        client.setHostnameVerifier(new HostnameVerifier() {
            @Override
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        });
        Request request = new Request.Builder()
                .url("https://justedhak.com/Files/users.php")
                .build();
        client.newCall(request).enqueue(new Callback() {
            @Override
            public void onFailure(Request request, IOException e) {
                // do something...
                Log.e(LOG_TAG, e.toString());
            }

            @Override
            public void onResponse(Response response) throws IOException {
                // do something...
                Log.i(LOG_TAG, response.body().string());
            }
        });
    }

Here's the screenshot

BNK's screenshot

You can also read more at the following question:

OkHttp trusting certificate

Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

IMO, you can read here developer.android.com/training/articles/security-ssl.html, at Common Problems with Hostname Verification section
I mean that for "return true" only, for return hv.verify("...com", session); I am not so sure, although you can find caution in Google's documentation
okay ill read about it . btw do you have an answers covers about how user login/log out session ?
See stackoverflow.com/questions/31466653/… if it is the one you ask :)
@i-Droid I think it works, you can try OkHttpClient client = new OkHttpClient.Builder() .hostnameVerifier(new ...) .build(); Retrofit retrofit = new Retrofit.Builder() .baseUrl(API_URL_BASE) .addConverterFactory(GsonConverterFactory.create()) .client(client) .build();
|
2

I resolved this in retrofit2 by adding a hostname verifier and returning it to true.

OkHttpClient client = new OkHttpClient.Builder()
                    .hostnameVerifier(new HostnameVerifier() {
                        @Override
                        public boolean verify(String hostname, SSLSession session) {
                            HostnameVerifier hv = HttpsURLConnection.getDefaultHostnameVerifier();
                            return true;
                        }
                    })
                    .connectTimeout(100, TimeUnit.SECONDS)
                    .readTimeout(100, TimeUnit.SECONDS).build();
Improve this answer

Comments

1

I had the same error in Jenkins trying to access GIT, the real error was that GIT address changes periodically (AWS based) and the Jenkins had an address of GIT, which was not valid anymore. A restart of jvm was enough to solve it, but reducing ttl would be best solution

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.