question

orest01 avatar image
orest01 asked Jacob Abrams answered

javax.net.ssl.SSLHandshakeException in Clover Engine

Hi everyone, I`m working under Cisco VPN and NestScope Proxy gateway and faced with javax.net.ssl.SSLHandshakeException: issue.

Currently, I have installed clover-engine 2149 version, and during login I retrieve such error

2021-12-07 04:44:55.196 3265-3265/com.clover.engine I/LoginFragment: onTransportError(Callback.java:115)[main]: Exception javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

com.clover.common.AppException: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

at com.clover.engine.io.http.CloverOkHttpClient.<init>(CloverOkHttpClient.java:104)

at com.clover.engine.io.http.CloverOkHttpClient.instance(CloverOkHttpClient.java:90)

at com.clover.engine.authenticator.LoginFragment$5.action(LoginFragment.java:358)

at com.clover.common2.AsyncTaskAdapter.doInBackground(AsyncTaskAdapter.java:114)

at com.clover.common2.AsyncTaskAdapter.doInBackground(AsyncTaskAdapter.java:44)

at android.os.AsyncTask$2.call(AsyncTask.java:305)

at java.util.concurrent.FutureTask.run(FutureTask.java:237)

at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:243)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607)

at java.lang.Thread.run(Thread.java:761)

Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:361)

at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.java:320)

at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.java:284)

at okhttp3.internal.connection.RealConnection.connect(RealConnection.java:169)

at okhttp3.internal.connection.StreamAllocation.findConnection(StreamAllocation.java:258)

at okhttp3.internal.connection.StreamAllocation.findHealthyConnection(StreamAllocation.java:135)

at okhttp3.internal.connection.StreamAllocation.newStream(StreamAllocation.java:114)

at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:42)

at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)

at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)

at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:93)

at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)

at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)

at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)

at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)

at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:127)

at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)

at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)

at com.clover.core.interceptor.LogInterceptor.intercept(LogInterceptor.java:71)

at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)

at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)

at com.clover.core.interceptor.GzipRequestInterceptor.intercept(GzipRequestInterceptor.java:35)

at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)

at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)

at com.clover.core.interceptor.CloverHeaderInterceptor.intercept(CloverHeaderInterceptor.java:94)

at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)

at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)

at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:257)

at okhttp3.RealCall.execute(RealCall.java:93)

at com.clover.engine.DeviceService.createDevice(DeviceService.java:272)

at com.clover.engine.io.http.CloverOkHttpClient.<init>(CloverOkHttpClient.java:102)

at com.clover.engine.io.http.CloverOkHttpClient.instance(CloverOkHttpClient.java:90)

at com.clover.engine.authenticator.LoginFragment$5.action(LoginFragment.java:358)

at com.clover.common2.AsyncTaskAdapter.doInBackground(AsyncTaskAdapter.java:114)

at com.clover.common2.AsyncTaskAdapter.doInBackground(AsyncTaskAdapter.java:44)

at android.os.AsyncTask$2.call(AsyncTask.java:305)

at java.util.concurrent.FutureTask.run(FutureTask.java:237)

at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:243)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607)

at java.lang.Thread.run(Thread.java:761)

Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Tr

screenshot-1638870530.png

I there any solution how to fix it? Which SSL approach does this clover engine uses under the hood? And where I can get trusted certificate to install it into my emulator? Thank in advance

App Marketclover developer communityEmulator
10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
Jacob Abrams avatar image
Jacob Abrams answered

You are going to have to operate the emulator and/or real Clover device on an internet connection that is not behind such a mitmproxy as this.

For security purposes we pin certificates in the client and will not allow communication with man-in-the-middle SSL proxies that return a certificate we do not recognize.

10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community