androidsoaphttpsksoap2

KSOAP 2 Android with HTTPS


I am using KSOAP2 to manage SOAP in Android but it use https for the SOAP url and I am getting this error: javax.net.ssl.SSLException: Not trusted server certificate
A normal error because the certificate is untrusted, but anyone knows how to workaround with this error? I can not manage the certificate because is from a other company and I don't have access to change it.

Thanks


Solution

  • I can't comment yet so i post my comments to rallat answer here. His solution works but it needs further explanations. To run ksoap2 with ssl:

    1. Put ksoap2-android-assembly-2.5.2-jar-with-dependencies.jar in a project
    2. Download ksoap2 sources from https://github.com/mosabua/ksoap2-android/tree/ (ksoap2 repository)
    3. Copy HttpTransportSE.java, ServiceConnectionSE.java (I also needed to copy Transport.java, ServiceConnection.java and HeaderProperty.java). Delete imports from those files and make sure that they use your files (not imports from ksoap2.jar)
    4. Use rallat answer ( I copy-pasted it):

      • ServiceConnectionSE.java add this for accept untrusted certificate:

        private TrustManager[] trustAllCerts = new TrustManager[] {
            new X509TrustManager() {
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
                public void checkClientTrusted(
                    java.security.cert.X509Certificate[] certs, String authType) {
                }
                public void checkServerTrusted(
                    java.security.cert.X509Certificate[] certs, String authType) {
                }
            }
        };
        
      • then use this constructors to allow untrusted certificates and not verified hostnames:

        public ServiceConnectionSE(String url) throws IOException {
            try {
                SSLContext sc = SSLContext.getInstance("TLS");
                sc.init(null, trustAllCerts, new java.security.SecureRandom());
                HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
            } catch (Exception e) {
                e.getMessage();
            }
            connection = (HttpsURLConnection) new URL(url).openConnection();
            ((HttpsURLConnection) connection).setHostnameVerifier(new AllowAllHostnameVerifier());
        }    
        
      • Second contructor

        public ServiceConnectionSE(Proxy proxy, String url) throws IOException {
            try {
                SSLContext sc = SSLContext.getInstance("TLS");
                sc.init(null, trustAllCerts, new java.security.SecureRandom());
                HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
             } catch (Exception e) {
                e.getMessage();
             }
             connection = (HttpsURLConnection) new URL(url).openConnection();
            ((HttpsURLConnection) connection).setHostnameVerifier(new AllowAllHostnameVerifier());
        
            connection.setUseCaches(false);
            connection.setDoOutput(true);
            connection.setDoInput(true);
        }
        
    5. In your code just use:

      HttpTransportSE aht = new HttpTransportSE(URL);    
      aht.call(SOAP_ACTION, envelope);
      

    Other things as in tutorials