私のアプリケーションでは、自己署名証明書を使用して https 経由で接続しています。compilesdk が < 24 に設定されている場合、アプリケーションは完全に正常に動作しますが、compilesdk が 24 に設定されている場合、アプリケーションは https 経由でサーバーに接続できず、次の例外がスローされます。
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:361)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.squareup.okhttp.internal.io.RealConnection.connectTls(RealConnection.java:192)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.squareup.okhttp.internal.io.RealConnection.connectSocket(RealConnection.java:149)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.squareup.okhttp.internal.io.RealConnection.connect(RealConnection.java:112)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.squareup.okhttp.internal.http.StreamAllocation.findConnection(StreamAllocation.java:184)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.squareup.okhttp.internal.http.StreamAllocation.findHealthyConnection(StreamAllocation.java:126)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.squareup.okhttp.internal.http.StreamAllocation.newStream(StreamAllocation.java:95)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.squareup.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:281)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.squareup.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:224)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.squareup.okhttp.Call.getResponse(Call.java:286)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.squareup.okhttp.Call$ApplicationInterceptorChain.proceed(Call.java:243)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.worklight.wlclient.CertificatePinningInterceptor.intercept(CertificatePinningInterceptor.java:20)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.squareup.okhttp.Call$ApplicationInterceptorChain.proceed(Call.java:232)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.worklight.wlclient.OkHttpInterceptor.intercept(OkHttpInterceptor.java:145)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.squareup.okhttp.Call$ApplicationInterceptorChain.proceed(Call.java:232)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.squareup.okhttp.Call.getResponseWithInterceptorChain(Call.java:205)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.squareup.okhttp.Call.execute(Call.java:80)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at com.worklight.wlclient.WLRequestSender.run(WLRequestSender.java:49)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133)
07-27 14:35:52.927 11424-11956/com.test.Push W/System.err: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607)
07-27 14:35:52.928 11424-11956/com.test.Push W/System.err: at java.lang.Thread.run(Thread.java:761)
07-27 14:35:52.928 11424-11956/com.test.Push W/System.err: Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
07-27 14:35:52.928 11424-11956/com.test.Push W/System.err: at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:549)
07-27 14:35:52.928 11424-11956/com.test.Push W/System.err: at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:401)
07-27 14:35:52.928 11424-11956/com.test.Push W/System.err: at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:375)
07-27 14:35:52.928 11424-11956/com.test.Push W/System.err: at com.android.org.conscrypt.TrustManagerImpl.getTrustedChainForServer(TrustManagerImpl.java:304)
07-27 14:35:52.928 11424-11956/com.test.Push W/System.err: at android.security.net.config.NetworkSecurityTrustManager.checkServerTrusted(NetworkSecurityTrustManager.java:94)
07-27 14:35:52.928 11424-11956/com.test.Push W/System.err: at android.security.net.config.RootTrustManager.checkServerTrusted(RootTrustManager.java:88)
07-27 14:35:52.928 11424-11956/com.test.Push W/System.err: at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:178)
07-27 14:35:52.928 11424-11956/com.test.Push W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:596)
07-27 14:35:52.929 11424-11956/com.test.Push W/System.err: at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
07-27 14:35:52.929 11424-11956/com.test.Push W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:357)
07-27 14:35:52.929 11424-11956/com.test.Push W/System.err: ... 20 more
07-27 14:35:52.929 11424-11956/com.test.Push W/System.err: Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
07-27 14:35:52.929 11424-11956/com.test.Push W/System.err: ... 30 more
https://developer.android.com/preview/features/security-config.htmlに記載されている手順に従いましたが、アプリはまだ https 経由でサーバーに接続できません。私の network_security_config.xml は次のとおりです。
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config>
<domain includeSubdomains="true">test.abc.com</domain>
<trust-anchors>
<certificates src="@raw/ca_norton"/>
</trust-anchors>
</domain-config>
</network-security-config>
私の AndroidManifest.xml には、 application タグの下に以下が含まれていました
<meta-data android:name="android.security.net.config"
android:resource="@xml/network_security_config" />
ca_norton.crt も raw フォルダーにコピーされます。ここで何か不足していますか?前もって感謝します。