When I try to upload an application to Google Play, I get the message "Unsafe implementation of the interface X509TrustManager". The message from Google Play says:
To avoid problems when validating the SSL certificate, change the code of the checkServerTrusted method in the X509TrustManager interface so that a CertificateException or IllegalArgumentException is thrown when it detects suspicious certificates.
All the options I've found use the checkValidity method to validate the certificate, but Google also adds:
Do not use checkValidity to validate the server's certificate. This method checks the validity of the certificate, not its security.
How can I change the code of the checkServerTrusted method correctly? My current implementation of X509TrustManager:

    X509TrustManager trustManager = new X509TrustManager() {
        @Override
        public X509Certificate[] getAcceptedIssuers() {
            X509Certificate[] cArrr = new X509Certificate[0];
            return cArrr;
        }

        @Override
        public void checkServerTrusted(final X509Certificate[] chain,
                final String authType) throws CertificateException {
            try {
                chain[0].checkValidity();
            } catch (Exception e) {
                throw new CertificateException("Certificate not valid or trusted.");
            }
        }

        @Override
        public void checkClientTrusted(final X509Certificate[] chain,
                final String authType) throws CertificateException {
        }
    };

I changed the X509TrustManager implementation this way and the app passed Google Play verification: