Stack Overflow
Stack Overflow

Questions tagged [trustmanager]

TrustManagers are a Java tool for Android responsible for managing the trust material that is used when making trust decisions, and for deciding whether credentials presented by a peer should be accepted.

71 questions
2
votes
0 answers

How can I find and fix my android app's security vulnerability?

I have received this message from Google. We aren't using any TrustManager or etc. We are using okhttp and google publisher, and I don't know how can I detect this security vulnerability. We found that your app contains security vulnerabilities,…
ardalegent
  • 91
  • 4
2
votes
2 answers

Unsafe implementation of the interface X509TrustManager - Google Play

When I try to upload an application to google play, I get a message. "Unsafe implementation of the interface x509trustmanager". In a message from Google Play it says: To avoid problems when validating the SSL certificate, change the code of the…
Tenday
  • 111
  • 1
  • 12
2
votes
1 answer

Can checkServerTrusted result be cached for X509TrustManager?

In my JavaFX client application, I'm implementing my own TrustManager that relies on Platform TrustManager. Basically, I'm always calling the Platform trustManager and if the connection is not trusted, I'm able to pop a warning Dialog asking the…
Maxoudela
  • 2,091
  • 3
  • 15
  • 23
2
votes
0 answers

spring boot don't pick up custmize trustManager

I work on webApi base on spring boot 2.0.3, and already enable ssl with self-signed certificates through application.properties, I add a new feature to validate local CRL and customized trustManager, but spring boot doesn't pick the code. could you…
Max
  • 21
  • 6
2
votes
1 answer

java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.NETWORK

java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.NETWORK Hi i got this error while i am calling one API service from retrofit , i am searching a lot and found answer like private static void…
Sushant Gosavi
  • 3,647
  • 3
  • 35
  • 55
2
votes
1 answer

Public Key pinning with X509TrustManagerExtensions checkServerTrusted

Public key pinning in for a HTTPS TLS connection. There is an issue with Android API, below 17, that enables MITM (Man in the Middle) attack incase of public key pinning. This has been explained in the link…
B.B.
  • 924
  • 2
  • 11
  • 28
2
votes
3 answers

Error [Ljava.lang.Object; cannot be cast to [Ljava.security.cert.X509Certificate when converting an arraylist of X509Certificate to array

I am very new to this ssl and certificates. I have a jks file which consists of some certificates which server trusts. I am trying to read all the certificates from the jks file and return it to getAcceptedIssuers() method. The certificates are of…
user2703788
  • 163
  • 1
  • 16
2
votes
1 answer

X509TrustManager alert GooglePlay

Ok so I just received alerts for all of my regarding unsafe use of this TrustManger. The problem is I don't even know what that is, in fact it's the first time I hear about it. Anyone knows what is this? Anyone solved this issue? I am suspecting…
Slim C.
  • 1,119
  • 4
  • 25
  • 49
2
votes
0 answers

Security alert for insecure TrustManager

In one of my apps I recently got the following alert from Google Play saying: Your app is using an unsafe implementation of the X509TrustManager interface with an Apache HTTP client, resulting in a security vulnerability. Please see this Google…
Zeus Starix
  • 21
  • 2
2
votes
1 answer

Security Alert in Android App

For one of my App, I got the security alert in android developer console. I do not use http request. I am not sure about the AD network like Admob and Facebook which uses this. Any specific code / gradle setup is needed for this ? How to solve this…
iappmaker
  • 2,945
  • 9
  • 35
  • 76
1
vote
0 answers

How to write code for rejecting expired client certificate (self-signed) in spring boot?

I have a server as rest API in spring boot and client is Rest Template present in another spring boot application. Currently, in order to enable https,I have configured server.ssl related properties inside application.proeprties file of server like…
John
  • 11
  • 1
1
vote
1 answer

Vimeo Networking Library Crash for Android 10 platform (api29)

I implemented vimeo networking using vimeo networking library(https://github.com/vimeo/vimeo-networking-java), exoplayer and explained in this post https://stackoverflow.com/a/65737556/8814924 Now the problem is when I was checking with API 30 it…
Nafiul Alam Fuji
  • 407
  • 7
  • 17
1
vote
0 answers

Vulnerability TrustManager

Our app has been in the Play Market for 4 years. Before the last build, we added AppMetrica in the app: implementation 'com.yandex.android:mobmetricalib:3.13.1' implementation 'com.android.installreferrer:installreferrer:1.1.2' implementation…
0pomoshi
  • 11
  • 1
1
vote
2 answers

Getting Wrong version of key store. in android

I am making a keystore get registered using a jks file but getting "Wrong version of key store." with the below code TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); …
rocker-hacker
  • 107
  • 8
1
vote
0 answers

Custom KeyManager and TrustManager for Spring Boot

I have decided to rebrand my question, I am looking for a way to provide a custom keymanager and trustmanager for my Spring Boot application. Basically I have an application that provides users with custom URLs for…
tinashe.chipomho
  • 387
  • 2
  • 8
  • 17
1
2
3 4 5