Cannot set CA cert on Android #1610
Description
Confirm by changing [ ] to [x] below:
- I've gone though Developer Guide and API reference
- I've searched for previous similar issues and didn't find any solution
Platform/OS/Hardware/Device
x86_64 Android Emulator
Describe the question
Has anyone had a filesystem access limitation within Android?
I'm trying to make an https request on Android and it seems to be failing due to an SSL error.
I've set a cacert path via ClientConfiguration and there seems to be an issue accessing the file. Using the adb shell I'm able to cat the begining of the file proving it's existence:
130|generic_x86_64:/ # head /data/data/com.**********/files/cacert.pem
##
## Bundle of CA Root Certificates
##
## Certificate data from Mozilla as of: Tue Jan 19 04:12:04 2021 GMT
##
## This is a bundle of X.509 certificates of public Certificate Authorities
## (CA). These were automatically extracted from Mozilla's root certificates
## file (certdata.txt). This file can be found in the mozilla source tree:
## https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
##
[TRACE] 2021-04-06 20:56:33.471 CurlHttpClient [131694353956176] Making request to https://************************
[TRACE] 2021-04-06 20:56:33.471 CurlHttpClient [131694353956176] Including headers:
[TRACE] 2021-04-06 20:56:33.471 CurlHttpClient [131694353956176] accept: application/json
[TRACE] 2021-04-06 20:56:33.471 CurlHttpClient [131694353956176] accept-version: v2
[TRACE] 2021-04-06 20:56:33.471 CurlHttpClient [131694353956176] authorization: Bearer ****************
[TRACE] 2021-04-06 20:56:33.471 CurlHttpClient [131694353956176] content-type: application/json
[TRACE] 2021-04-06 20:56:33.472 CurlHttpClient [131694353956176] host: ****************
[TRACE] 2021-04-06 20:56:33.472 CurlHttpClient [131694353956176] user-agent:
[DEBUG] 2021-04-06 20:56:33.472 CurlHandleContainer [131694353956176] Attempting to acquire curl connection.
[INFO] 2021-04-06 20:56:33.472 CurlHandleContainer [131694353956176] Connection has been released. Continuing.
[DEBUG] 2021-04-06 20:56:33.473 CurlHandleContainer [131694353956176] Returning connection handle 0x77c6c5505540
[DEBUG] 2021-04-06 20:56:33.473 CurlHttpClient [131694353956176] Obtained connection handle 0x77c6c5505540
[DEBUG] 2021-04-06 20:56:33.488 CURL [131694353956176] (Text) Trying ***.***.***.***...
[DEBUG] 2021-04-06 20:56:33.488 CURL [131694353956176] (Text) TCP_NODELAY set
[DEBUG] 2021-04-06 20:56:33.524 CURL [131694353956176] (Text) Connected to **************** (***.***.***.***) port 443 (#0)
[DEBUG] 2021-04-06 20:56:33.525 CURL [131694353956176] (Text) ALPN, offering http/1.1
[DEBUG] 2021-04-06 20:56:33.526 CURL [131694353956176] (Text) Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
[DEBUG] 2021-04-06 20:56:33.526 CURL [131694353956176] (Text) error setting certificate verify locations:
CAfile: /data/data/com.***********/files/cacert.pem
CApath: none
[DEBUG] 2021-04-06 20:56:33.527 CURL [131694353956176] (Text) Curl_http_done: called premature == 0
[DEBUG] 2021-04-06 20:56:33.527 CURL [131694353956176] (Text) Closing connection 0
[ERROR] 2021-04-06 20:56:33.528 CurlHttpClient [131694353956176] Curl returned error code 77 - Problem with the SSL CA cert (path? access rights?)
[DEBUG] 2021-04-06 20:56:33.528 CurlHandleContainer [131694353956176] Destroy curl handle: 0x77c6c5505540
[DEBUG] 2021-04-06 20:56:33.528 CurlHandleContainer [131694353956176] Created replacement handle and released to pool: 0x77c6c5505540