Android trying to use `okhttp 4 7 0 addInsecureHost` ``` cli kotlinlang #squarelibraries

Android, trying to use `okhttp 4.7.0 addInsecureHo...

Marco Righini

05/18/2020, 2:28 PM

Android, trying to use

okhttp 4.7.0 addInsecureHost

Copy code

// clientBuilder: OkHttpClient.Builder
...
val clientCertificates = HandshakeCertificates.Builder()
                    .addPlatformTrustedCertificates()
                    .addInsecureHost(proxyHost)
                    .build()
clientBuilder.proxy(Proxy(Proxy.Type.HTTP, InetSocketAddress.createUnresolved(proxyHost, proxyPort)))
clientBuilder.sslSocketFactory(clientCertificates.sslSocketFactory(), clientCertificates.trustManager)
clientBuilder.hostnameVerifier(HostnameVerifier { _, _ -> true })
...

but failing with

Copy code

Caused by: java.security.cert.CertificateException: java.lang.RuntimeException: java.lang.IllegalArgumentException: Expected receiver of type <http://android.security.net|android.security.net>.config.RootTrustManager, but got okhttp3.tls.internal.InsecureAndroidTrustManager
        at <http://com.google.android.gms.org|com.google.android.gms.org>.conscrypt.ConscryptFileDescriptorSocket.verifyCertificateChain(:com.google.android.gms@16089023@16.0.89 (040800-239467275):9)
        at <http://com.google.android.gms.org|com.google.android.gms.org>.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
        at <http://com.google.android.gms.org|com.google.android.gms.org>.conscrypt.NativeSsl.doHandshake(:com.google.android.gms@16089023@16.0.89 (040800-239467275):7)
        at <http://com.google.android.gms.org|com.google.android.gms.org>.conscrypt.ConscryptFileDescriptorSocket.startHandshake(:com.google.android.gms@16089023@16.0.89 (040800-239467275):14)
        	... 58 more
     Caused by: java.lang.RuntimeException: java.lang.IllegalArgumentException: Expected receiver of type <http://android.security.net|android.security.net>.config.RootTrustManager, but got okhttp3.tls.internal.InsecureAndroidTrustManager
        at <http://com.google.android.gms.org|com.google.android.gms.org>.conscrypt.Platform.checkTrusted(:com.google.android.gms@16089023@16.0.89 (040800-239467275):3)
        at <http://com.google.android.gms.org|com.google.android.gms.org>.conscrypt.Platform.checkServerTrusted(:com.google.android.gms@16089023@16.0.89 (040800-239467275):3)
        at <http://com.google.android.gms.org|com.google.android.gms.org>.conscrypt.ConscryptFileDescriptorSocket.verifyCertificateChain(:com.google.android.gms@16089023@16.0.89 (040800-239467275):12)
        	... 61 more
     Caused by: java.lang.IllegalArgumentException: Expected receiver of type <http://android.security.net|android.security.net>.config.RootTrustManager, but got okhttp3.tls.internal.InsecureAndroidTrustManager
        at java.lang.reflect.Method.invoke(Native Method)
        at okhttp3.tls.internal.InsecureAndroidTrustManager.checkServerTrusted(InsecureAndroidTrustManager.kt:48)
        at java.lang.reflect.Method.invoke(Native Method)
        at <http://com.google.android.gms.org|com.google.android.gms.org>.conscrypt.Platform.checkTrusted(:com.google.android.gms@16089023@16.0.89 (040800-239467275):2)
        	... 63 more

Am I missing something from the doc?

6 Views

Open in Slack

Previous Next