Home/ Questions/Q 8875669
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-14T19:01:52+00:00

I’ve made an Android application that uses a X509 certificate (that is in the

  • 0

I’ve made an Android application that uses a X509 certificate (that is in the folder res/raw/mykeystore.bks) to sign to remote server that respond on the 9006 port.

the server ask me for a login (username, password).

when i make an HTTPGet i’ve the following exeption:
org.apache.http.client.ClientProtocolException

Here is my implementation:

The main Activity:

public void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    setContentView(R.layout.activity_main);
    Button b= (Button) findViewById(R.id.button1);
    b.setOnClickListener(new OnClickListener() {

        @Override
        public void onClick(View v) {               
             CredentialsProvider credProvider = new BasicCredentialsProvider();
                credProvider.setCredentials(new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT),
                    new UsernamePasswordCredentials("rat#1", "rat"));
            HttpClient client = new MyHttpClient(getApplicationContext());
               ((AbstractHttpClient) client).setCredentialsProvider(credProvider);

               //final String url = "https://211.92.106.38:9006/KPIRest/testKpi/6";
               final String url = "https://211.92.106.38/KPIRest/testKpi/6";
               HttpGet httpGet = new HttpGet(url);

               try {
                HttpResponse response = client.execute(httpGet);
            } catch (ClientProtocolException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            } catch (IOException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }

        }
    });

Custom Client Class:

public class MyHttpClient extends DefaultHttpClient {

final Context context;

public MyHttpClient(Context context) {
    this.context = context;
}

@Override
protected ClientConnectionManager createClientConnectionManager() {

        KeyStore trustStore = null;
            trustStore = KeyStore.getInstance("BKS");

        InputStream in = context.getResources().openRawResource(R.raw.mykeystore);
        try {
            // Initialize the keystore with the provided trusted certificates
            // Also provide the password of the keystore
            trustStore.load(in, "root01".toCharArray());
        } 
        } finally {

                in.close();

        }

        SSLSocketFactory sf=null;

            sf = new MySSLSocketFactory(trustStore);

        sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

        HttpParams params = new BasicHttpParams();
        HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
        HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);

        SchemeRegistry registry = new SchemeRegistry();
        registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
        registry.register(new Scheme("https", sf, 9006));
    return new SingleClientConnManager(params, registry);
}
}

My Customc SSLSoketFactory class:

public class MySSLSocketFactory extends SSLSocketFactory {
SSLContext sslContext = SSLContext.getInstance("TLS");

public MySSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
    super(truststore);

    TrustManager tm = new X509TrustManager() {
        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        }

        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        }

        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    };

    sslContext.init(null, new TrustManager[] { tm }, null);
}

@Override
public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException {
    return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose);
}

@Override
public Socket createSocket() throws IOException {
    return sslContext.getSocketFactory().createSocket();
}
}

what’s wrong in my application? What causes that Exception?

Thank you all!

EDIT:

I was looking better the exception:

cause=
org.apache.http.auth.MalformedChallengeException: Authentication challenge is empty.

EDIT 2:

I’ve tryed to use this implementation with no difference, I’ve the same exception!

EDIT 3: I’ve replaced 

 CredentialsProvider credProvider = new BasicCredentialsProvider();
                credProvider.setCredentials(new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT),
                    new UsernamePasswordCredentials("rat#1", "rat"));

client).setCredentialsProvider(credProvider);

with the base httpclient autentication, adding the header Authorization to the httpGet:

  httpGet.addHeader("Authorization", "Basic "+Base64.encodeToString("rat#1:rat".getBytes(),Base64.DEFAULT));

now the server send me this message:

HTTP/1.1 400 Bad Request
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    the problem was the Authorization header.

    We have to use:

    httpGet.addHeader("Authorization", "Basic "+Base64.encodeToString("rat#1:rat".getBytes(),Base64.NO_WRAP));

    Instead of:

    httpGet.addHeader("Authorization", "Basic "+Base64.encodeToString("rat#1:rat".getBytes(),Base64.DEFAULT));

    because the DEFAULT parameter add “CR” line terminator at the end of string and it’s uncorrect if you’ll use it that header.

    • 0