SSL handshake exception retrofit android

The90sArtist picture The90sArtist · Oct 27, 2017 · Viewed 10.6k times · Source

I am getting unusual exception suddenly after base url got changed from http:// to https://. Every time I hit API with https:// I can see log flashing "HTTP FAILED: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found." this error.

I thought retrofit auto imports the certificate most times (as I have tried connecting https:// many times using retrofit. I didn't faced this issue earlier)

Answer

Sunil P picture Sunil P · Oct 27, 2017

The problem is not on app side absolutely. Tell your supervisor that your HTTP clients can’t connect to fatally insecure HTTPS servers. You can say it's a limitation of computers and your only option is to update the server.

Once you’ve done that you can add a development-only debug mode. To do it, enable a cipher suite that your server supports. You can get the list from the Qualys tool.