Stack Overflow
Stack Overflow

Questions tagged [trustmanager]

TrustManagers are a Java tool for Android responsible for managing the trust material that is used when making trust decisions, and for deciding whether credentials presented by a peer should be accepted.

71 questions
1
vote
1 answer

How to fix game made with Unity 3D Android X509TrustManager rejected by google play?

I have made a game in Unity 3D 2019.2 Android and I have sent it to Google Play, I got this message, Your app has a Security alert because is using an unsafe implementation of the X509TrustManager interface with an Apache HTTP client, resulting in…
SpaceRay
  • 11
  • 3
1
vote
1 answer

Partial chain verification on Java SSL TrustManager

I have a requirement where one can provide an intermediate CA to trust but not the CA(s) that have signed it. And using that as the trust store, I'd like to be able to trust an SSL server that has a certificate that's signed by this intermediate CA.…
Natan
  • 2,816
  • 20
  • 37
1
vote
0 answers

App Rejected By Google Play Store due to unsafe implementation of the X509TrustManager

Received this warning From Google Play store: Security alert Your app is using an unsafe implementation of the X509TrustManager interface with an Apache HTTP client, resulting in a security vulnerability. Please see this Google Help Center article…
Tousif Irshad
  • 37
  • 2
  • 12
1
vote
3 answers

Reload Java TrustStore programmatically

I've read quite a lot about this topic and it seems impossible to do, but just to be sure I'd like one more opinion. Use case: Web application that connects programmatically with one or more https services, the services are dynamic and the…
Fabio
  • 415
  • 1
  • 5
  • 14
1
vote
0 answers

Is is possible to make HTTPS requests in Android, using/accepting a self-signed certificate, instead of "Nuking" all SSL certificate?

And how is it possible to achieve this using Android Volley? Does anyone have a clear code, showing how to accept a certificate from a Uknown CA? Please, I'm not looking for another example, showing how to ignore self-signed SSL certificates.…
codermx
  • 235
  • 1
  • 2
  • 9
1
vote
0 answers

Implementing a SSL trustmanager for google.com

I am trying to implement a custom ssl trustmanager for google.com. I exported the certificate in DER encoded binary X.509(.CER) format from google.com using the certificate export wizard in chrome. Next I am using the certificate to implement a…
user2703788
  • 163
  • 1
  • 16
1
vote
0 answers

app containing an unsafe implementation of TrustManager

My app is rejected by google play store. Am getting the following error We rejected PowerConnect Univoice App, with package name com.powerconnect2.android.app, for violating our Malicious Behavior policy. If you submitted an update, the…
Cooper
  • 111
  • 1
  • 2
  • 9
1
vote
1 answer

How to fix Unsafe implementantion of TrustManager?

My app was rejected in Google Play because some unsafe implementation of TrustManager. But in my library I have only one implementation of TrustManager (this is my SSLUtil class). import android.content.Context; import java.io.InputStream; import…
Ricardo
  • 11
  • 3
1
vote
0 answers

Warning from google playstore "unsafe implementation of X509TrustManager Apache HTTP client"

I have applied the following code to verify the SSL certificate off the server and run the application using the HTTPS secure connection. My server is already having a certificate issued by an authorized CA's. Following is the snippet of my code…
rs shah
  • 11
  • 3
1
vote
0 answers

How to confirm correct changes of X509TrustManager Google Play warning issue?

I received warning message "Google Play warning: You are using an unsafe implementation of X509TrustManager". I removed problematic code and updated APK but warning still remains. It's probably because one of the libraries. Is there any change to…
Tomas Kuhn
  • 141
  • 2
  • 4
1
vote
1 answer

Unable to extract the trust manager on a.a.k@... - PayPal-Android-SDK 2.13.3

I recently updated my Song Scrapbook app to the latest version and also made sure to update all third-party APIs used by the app. One such third-party tool is the PayPal Android SDK which I use to monetize my app since I live in a country where the…
SilSur
  • 495
  • 1
  • 6
  • 21
1
vote
1 answer

Does version need to be live to check if TrustManager error is fixed?

I'm experiencing the problem Your app is using an unsafe implementation of the X509TrustManager interface with an Apache HTTP client, resulting in a security vulnerability. Please see this Google Help Center article for details, including…
Max Jones
  • 140
  • 7
0
votes
1 answer

issue - Unable to extract the trust manager on Android10Platform, sslSocketFactory is class com.android.org.conscrypt.OpenSSLSocketFactoryImpl

`### I am using retrofit for SSL certification in android . For android version 10 and above i am getting this error as "Unable to extract the trust manager on Android10Platform, sslSocketFactory is class…
Praveenayya Allayyanavaramath
  • 1
0
votes
0 answers

"java.security.cert.CertPathValidatorException: Trust anchor for certification path not found" while SSL is valid

I made an app where you can login and do some things. The problem is in the login: when it send a request to my API, it throws an error: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. Android 2.3 but…
mrBee74
  • 1
0
votes
0 answers

Google Play Store alert : Insecure Hostname Verification

I am getting this issue from Google Play Console. What things goes as below 1. App's first screen will be code verification so once user enter code, there is one api call and in response we receiving other details for app, like BASE URL, API type,…
Farmer
  • 4,093
  • 3
  • 23
  • 47
1 2
3
4 5