Home Features Docs Blog Support GitHub

Https problem: Trust anchor for certification path not found

(Zufar Fakhurtdinov) #1

Hi! When I trying to use https requests it failed with “java.security.cert.CertPathValidatorException: Trust anchor for certification path not found”

How can I fix that?
jvm, android, robovm, gwt work well with that server (and we use same http-related code for all that platforms).

Cant download file from https
(Gergely Kis - Migeran) #2

Hi Zufar,

do you have the SSL certificates included in your project like in the RssReader sample?

Best Regards,

(Zufar Fakhurtdinov) #3

How I can get that certificates? Should I just copy files from example to my project magic dir “android_root/etc/security/cacerts”?

(Gergely Kis - Migeran) #4

For now, yes.

I created an issue for this on GitHub, so it will be included in the SDK by default.

(Zufar Fakhurtdinov) #5

Is it fixed? I see milestone 1.2.3 but issue state is open.

(Kristóf Liliom - Migeran) #6

Dear zufarfakhurtdinov,

we had to postpone it to MOE 1.3.0 because it required more changes than we anticipated.


i have same problem with android studio 2.2 (mac)
I copied the certificate files (from rss reaader example) to my folder my myproject/ios/src/main/resources/android_root/etc/security/cacerts but i have that exception.
What am i forgetting ?


(Saeed) #8

Dear friends,

i implement all service’s by using retrofit library for this issue.
how ever i have not any problem.

test it ->

public class ServiceGeneratorCollege {

    public static String PREF_COOKIES = "pref_cookies";

    private static OkHttpClient.Builder httpClient = new OkHttpClient.Builder();

    private static Retrofit.Builder builder;

    public static <S> S createService(Class<S> serviceClass) {
        return createService(serviceClass, null);

    public static <S> S createService(Class<S> serviceClass, final HashMap<String, String> headers) {

        builder = new Retrofit.Builder()
                .baseUrl("your service address")

        httpClient.hostnameVerifier(new HostnameVerifier() {

            public boolean verify(String hostname, SSLSession session) {
                return true;

        OkHttpClient client = httpClient.build();
        Retrofit retrofit = builder.client(client).build();
        return retrofit.create(serviceClass);

    private static SSLSocketFactory getSSLSocketFactory() {
        try {
            // Create a trust manager that does not validate certificate chains
            final TrustManager[] trustAllCerts = new TrustManager[]{
                    new X509TrustManager() {
                        public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {

                        public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {

                        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                            return new java.security.cert.X509Certificate[]{};

            // Install the all-trusting trust manager
            final SSLContext sslContext = SSLContext.getInstance("SSL");
            sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
            // Create an ssl socket factory with our all-trusting manager
            final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

            return sslSocketFactory;
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            return null;


How to get a https request?
Self Signed Ssl Cert Problem
(Mohammad Reza Armaghan) #9

very thanks.
This code solves my problem.

(Shivam Ratan) #10

Thanks ! It also worked for me

(Imtiaz Hossain) #11

Thanks. It worked :slight_smile:

(Tejaswi More) #12

someone please tell me where to place this code as I am getting same error in my app.

(Kyaw San Oo) #13

Thanks, it works absolutely.