Trust anchor for certification path not found.

Hi there,

I'm currently developing an app where (working with a third party) I make calls to their web service.

As part of this, I make a HttpClient (initialised with a new Xamarin.Android.NetAndroidClientHandler() for my Android testing), and after tweaking some request headers, await a response with client.GetStringAsync(targetURL).

With this all in a try catch, it get's caught in a catch with a java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

From what I can gather online, this means that the server is replying with an authentication certificate that isn't trusted. However, I know that the server has been issued with a certificate from a trusted CA, and have found the same type of certificate in the Android device's trusted CA Certificates.

Can someone assist me in getting this working? Some things I've been trying to work out that could help include:
1) Does a Xamarin cross-platform application use the Android devices trusted certificates, or (as it's built with Mono) does it have it's own certificate store somewhere?
2) Am I able to install a trusted certificate as part of the application?

Using the same HttpClient implementation as above, I am able to connect to generic sites like Google and Microsoft. So I don't think it's an issue with implementation, especially as the java exception seems to indicate is is connecting to the web service, just not with a trusted certificate.

Thanks

Answers

  • Bartdk-Bartdk- USUniversity ✭✭

    @SamuelPike : Did you ever find a solution to this problem ?

  • JoshuaPaldoJoshuaPaldo USMember

    Also experienced this kind of problem. and still looking for other possible solutions. @SamuelPike , I hope you could shed some light on how you solved this.

  • JeffLimJeffLim USMember ✭✭
    edited October 2018

    Cool, I am encountering the same problem. I got this error message when I tried to connect from my Android App to .Net Core Web Api that running within the same machine in Mac. (I would like to code and debug within the same machine.. )

    Error message:
    "java.security.cert.CertPathValidatorException:Trust anchor for certification path not found"
    

    Here is the solution of how I managed to resolve it:

    **In Android Build: **
    HttpClient Implementation: AndroidClientHandler
    SSL/TLS implementation: Default (Native TLS 1.2+)

    **In my MainActivity.cs, I put this line of code as well: **
    ServicePointManager.ServerCertificateValidationCallback += (o, cert, chain, errors) => true;

    Besides, I have this line for my HttpClient:
    Instead of:
    var httpClient = new HttpClient();
    I changed it to:
    var httpClient = new HttpClient(new System.Net.Http.HttpClientHandler());

    **In my WebAPI project, instead of using localhost, I replaced it with the local IP address. **
    I did it in:
    Right click the WebAPI project, goto --> Options --> Run (left hand-side menu) --> Default --> Choose 'ASP.NET Core' tab.
    App URL: https://10.1.1.226:5001

    That's all !!

  • I did exactly what JeffLim suggested and it solved my issues - thanks

Sign In or Register to comment.