ssl-certificatekeystoresslexception

javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSLhandshaketerminated:


I've my p12 file and cer file provided by client.

I've using below code as to connect with server, but having SSSLHandshakeException always:

KeyStore trustStore = KeyStore.getInstance("BKS");
            trustStore.load(R.raw.trustore), 
                    password.toCharArray());
            SSLSocketFactory sf = new MySSLSocketFactory(trustStore);
            HttpParams params = new BasicHttpParams();
            HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
            HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
            SchemeRegistry registry = new SchemeRegistry();
            registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
            registry.register(new Scheme("https", sf, 443));
            ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);
            DefaultHttpClient defaultHttpClient=new DefaultHttpClient(ccm, params);

Note that I converted trustore(.bks file) using below cmd:

keytool -genseckey -alias alias_name -keystore truststore.bks -providerclass org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath bcprov-jdk15on-149.jar -storetype BKS

Solution

  • Solved the issue by using correct BKS file. I learn with this issue that, don't try to solve issue only one sided, though try with all the probable solution with open mind. Even I still don't know that how to validate correct BKS file if we've .p12 and .cer files. But you must have to be correct keystore file for success connection. Below is the command which I used for converting BKS file:

    keytool -importkeystore -srckeystore xyz.p12 -srcstoretype BKS -destkeystore new-store.bks -deststore type BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath bcprov-jdk15on-149.jar