Stack Overflow
Stack Overflow

Questions tagged [trustmanager]

TrustManagers are a Java tool for Android responsible for managing the trust material that is used when making trust decisions, and for deciding whether credentials presented by a peer should be accepted.

71 questions
0
votes
1 answer

Custom Implementation of Trust Manager and Hostname Verifier

I am making post request to a third party service setting the hostname verifier and trust manager. The default pass all implementation however doesn't pass sonarcloud checks and gives errors which are attached in screenshots below. Have browsed for…
Vedant Dixit
  • 140
  • 2
  • 11
0
votes
1 answer

How to fix Google App vulnerability - TrustManager when we don't directly use the code?

The app was fine until recently we started getting mails from Google about TrustManager vulnerability. We don't directly use TrustManager. So the only possibilities are from those dependencies. We did a quick search on places that contain…
angelokh
  • 9,426
  • 9
  • 69
  • 139
0
votes
1 answer

App was rejected for violating our Malicious Behavior or User Data policy and software that contains security vulnerabilities

I have updated the app and it got rejected by play store saying "We rejected Your App, with package name XYZ, for violating our Malicious Behavior or User Data policy. If you submitted an update, the previous version of your app is still available…
konda rahul
  • 141
  • 1
  • 1
  • 11
0
votes
1 answer

How can I use CertificateException in TrustManager?

I uploaded my app to the play store and I received an email from Google developer that I have to modify my sentences in the https code. I am doing a data submission over https using the TrustManager function. I have a valid ssl certificate in my url…
Agu
  • 1
0
votes
0 answers

HttpsURLConnection, SSLPeerUnverifiedException happens when access to IP Address

Following exception happens when HttpsURLConnection tries to connect to a server using IP address: source val is : InputStream var tmf: TrustManagerFactory? = null try { is =…
user14272026
  • 1
  • 1
0
votes
1 answer

TrustManager vulnerability when flutter app published in Google Play

I recently published an application on google play, and I received an email from the google play team which says: ...and found that your app uses software that contains security vulnerabilities for users. Apps with these vulnerabilities can expose…
elikyalk
  • 29
  • 1
  • 4
0
votes
0 answers

SSL Certificate not trusted on initial connection

I have a really frustrating SSL bug where, depending on connection order, a valid certificate is not being trusted. So if on startup, I connect directly to server A. the trust manager will fail to verify the chain with the error:…
utahwithak
  • 6,235
  • 2
  • 40
  • 62
0
votes
2 answers

App rejected by google play due to http trust manager

I am able to build release apk and when tested, everything is working fine. When I upload it to the Play Store however, it is rejected due to some malicious behavior. ServerConnection code: HostnameVerifier hostnameVerifier =…
pb123
  • 489
  • 3
  • 9
  • 25
0
votes
0 answers

How to connect to private url with private ssl certificate

I am trying to connect my android app to a url belonging to a private company in order to retrieve and send information. When I do so however I receive an error Trust anchor for certification path not found, the ssl certificate for the url is valid…
Bwalya
  • 118
  • 11
0
votes
1 answer

Trust/whitelist a certificate in OkHttp (Trust anchor for certification path not found)

I'm experiencing a issue with android 4 devices that receive the following exception connecting to the server: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. at…
Addev
  • 31,819
  • 51
  • 183
  • 302
0
votes
0 answers

Passing custom TrustManagerFactory and custom host name verifier in Netty based client?

I want to use my own TrustManager, i.e., X509TrustManager for checkServerTrusted method. Also, I need to do custom host name verification. I can see that in sslContextBuilder, it takes TrustManagerFactory. Here I want to pass my custom…
Mosbius8
  • 119
  • 6
0
votes
0 answers

Java android . Google play security alert for insecure TrustManager

I want to upgrade my application in google store but I have a problem with security Alert. This is a mail : We rejected ****, with package name *****, for violating our Malicious Behavior or User Data policy. If you submitted an update, the previous…
Krzysztof Pokrywka
  • 1,356
  • 4
  • 27
  • 50
0
votes
1 answer

Set TrustManager for Tomcat connector programmatically

Weeks before my project uses 1.4.0.M3 version of Spring Boot, which uses tomcat-embedded-core-8.0.33. Here I was able to create multi-connector with following code: @Bean EmbeddedServletContainerFactory servletContainer() { …
Zimy
  • 165
  • 1
  • 1
  • 7
0
votes
0 answers

How to fix apps containing an unsafe implementation of 'TrustManager'?

https://support.google.com/faqs/answer/6346016,I removed the code that related to TrustManager,but still google play rejected me. why this happen, how to solve?
idengpan
  • 41
  • 5
0
votes
0 answers

X509TrustManager unsafe implementation but no such method is used on the code

I got this mail rejecting my new uploaded app on play store Your app(s) listed at the end of this email use an unsafe implementation of the interface X509TrustManager. Specifically, the implementation ignores all SSL certificate validation…
Game funapp
  • 1
  • 2
1 2 3
4
5