"java.security.cert.CertPathValidatorException: Trust anchor for certification path not found." Android + Retrofit + Asp.net API

Question

I am trying to consume RestApi from asp.net running in (local machine). I followed the exact steps on https://developer.android.com/training/articles/security-config#ConfigCustom in (Configure a custom CA)

but with no success, always getting the same error "java.security.cert.CertPathValidatorException: Trust anchor for certification path not found".

Steps i followed:

1- Exporsted the self-signed CA in .der from (Trusted Root Certification Authorities) convert it to .pem, i took copy of the .pem and pasted(added it) to raw directory.

2- Created "network_security_config".

<network-security-config>
<domain-config>
    <domain includeSubdomains="true">10.0.2.2</domain>
    <trust-anchors>
        <certificates src="@raw/localhost"/>
    </trust-anchors>
</domain-config>
</network-security-config>

3- Modified AndroidManifest:

<application    
   android:networkSecurityConfig="@xml/network_security_config"
   ...
</application

Finally: in retrofit baseUrl("https://10.0.2.2:5001/api/")

Answer 1

Do something like this:

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <domain-config cleartextTrafficPermitted="true">
        <domain includeSubdomains="true">192.168.0.106</domain>
    </domain-config>
</network-security-config>

Just checked out with a dummy Spring Boot server and mini Android application.

You can check your open ports(Ubuntu):

sudo ufw app list

And add a new port like(Ubuntu):

sudo ufw allow 8080

I'm not using a Windows machine right now. So I can't tell how to enable it there. But there were actually multiple ways to do that.