com.dropbox.core.NetworkIOException: com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException: Could not validate certificate

Question

I'm seeing some of my app users facing the following exception when downloading a file via Dropbox:

Caused by javax.net.ssl.SSLHandshakeException: com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException: Could not validate certificate: Certificate expired at Thu Jul 13 02:08:08 GMT+04:00 2017 (compared to Thu Sep 07 09:00:07 GMT+04:00 2017)

Caused by java.security.cert.CertificateException: com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException: Could not validate certificate: Certificate expired at Thu Jul 13 02:08:08 GMT+04:00 2017 (compared to Thu Sep 07 09:00:07 GMT+04:00 2017)

Caused by com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException: Could not validate certificate: Certificate expired at Thu Jul 13 02:08:08 GMT+04:00 2017 (compared to Thu Sep 07 09:00:07 GMT+04:00 2017)

Caused by java.security.cert.CertificateExpiredException: Certificate expired at Thu Jul 13 02:08:08 GMT+04:00 2017 (compared to Thu Sep 07 09:00:07 GMT+04:00 2017)

Here is the code to download file:

private void downloadFile(@NonNull final String inPath, @NonNull final OutputStream outputStream) throws IOException, DbxException {
        mClient.files().downloadBuilder(inPath).download(outputStream);
}


public DropBox(@NonNull final String ACCESS_TOKEN) {
    final OkHttpClient okHttpClient = OkHttp3Requestor.defaultOkHttpClientBuilder()
            .connectTimeout(60, TimeUnit.SECONDS)
            .writeTimeout(60, TimeUnit.SECONDS)
            .readTimeout(60, TimeUnit.SECONDS)
            .build();
    final DbxRequestConfig config =
            DbxRequestConfig
                    .newBuilder("")
                    .withHttpRequestor(new OkHttp3Requestor(okHttpClient))
                    .build();
    mClient = new DbxClientV2(config, ACCESS_TOKEN);
}

Please advise if anything is wrong with the code.

Make sure that you have the latest version of their SDK. Otherwise, the problem would appear to have been on their side, with an expired SSL certificate. Or, possibly, some users are the victim of a clumsy MITM attack. — CommonsWare, Sep 09 '17 at 14:10
This SDK uses https://content.dropboxapi.com/ for `downloadBuilder`, which is currently being served with a certificate that expires in 2020, so it does like like there is something interfering with the connections for these users. — Greg, Sep 11 '17 at 15:37

com.dropbox.core.NetworkIOException: com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException: Could not validate certificate

0 Answers0