Android error in webview.loadUrl() – Trust anchor for certification path not found

I have a webview for load url, but not work.

Look at my code:

  • Google Glass ADB devices doesn't find. OMAP4430 driver not installed (can't find it!)
  • removing backgroundcolor of a view in android
  • How to create an app widget with a configuration activity, and update it for the first time?
  • How to wrap a website in a phone app?
  • Android sdk manager not fetching other sdk platform
  • Could not find Facebook SDK.apk
  • public class MainActivity extends AppCompatActivity {
    
      @Override
      protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
    
        WebView wv = (WebView) findViewById(R.id.webView);
    
        //Log.d("rudyy", "aqui");
        wv.loadUrl("https://tripulanteaims.tam.com.br/wtouch/wtouch.exe/index");
        //Log.d("rudyy", "fim");
    
    
      }
    }
    

    When execute this code, android return this error :

    Failed to validate the certificate chain, error: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
    

    Help-me please.

    Related posts:

    How to display a PDF via Android web browser without “downloading” first
    Initially Hidden MenuItem Not Shown When setVisible(true) is Called
    Android: Default XML Editor isn't opening anymore
    getLayoutInflater() in fragment
    Limit numbers of lines in TextView
    How to achieve the following animation in android material design?
  • change edittext cursor color
  • webview shouldinterceptrequest example
  • android Shape within a shape
  • SINGLE_TOP | CLEAR_TOP seem to work 95% of the time. Why the 5%?
  • “To Do” list before publishing android app to market
  • Read HTML file from assets
  • 2 Solutions collect form web for “Android error in webview.loadUrl() – Trust anchor for certification path not found”

    Create a WebViewClient:

    private class WvClient extends WebViewClient 
    {
        @Override
        public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError er) {
            handler.proceed(); 
            // Ignore SSL certificate errors
        }
    }
    

    And set the initialized WebViewClient (“WvClient”) to your WebView (“wv” in that case):

    wv.setWebViewClient(new WvClient());
    

    Or in one line:

     wv.setWebViewClient(new WebViewClient() {@Override public void onReceivedSslError(WebView v, SslErrorHandler handler, SslError er){ handler.proceed(); }});
    

    I was dealing with this and quite frankly allowing MITM attacks is a no-no. Here is a cleaner solution that supports pinning. Save the certificate into your raw resource folder.
    NOTE: Sadly, SSLError gives us an SslCertificate when you call getCertificate(). SslCertificate is kind of useless. It’s public API doesn’t allow you to verify the public key, only the created on, expired date, issued to, issued by. However, if you open up this class you will see an X509Certificate member variable that is un-exposed. IDK why this design decision was taken. But there is an API for getting the Bundle, and that X509 Certificate member variable gets stored in there. So we access it that way, because the Certificate has a lot more useful methods on it.

    @Override
    public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
        SslCertificate sslCertificateServer = error.getCertificate();
        Certificate pinnedCert = getCertificateForRawResource(R.raw.your_cert, mContext);
        Certificate serverCert = convertSSLCertificateToCertificate(sslCertificateServer);
    
        if(pinnedCert.equals(serverCert)) {
            handler.proceed();
        } else {
            super.onReceivedSslError(view, handler, error);
        }
    }
    
    public static Certificate getCertificateForRawResource(int resourceId, Context context) {
        CertificateFactory cf = null;
        Certificate ca = null;
        Resources resources = context.getResources();
        InputStream caInput = resources.openRawResource(resourceId);
    
        try {
            cf = CertificateFactory.getInstance("X.509");
            ca = cf.generateCertificate(caInput);
        } catch (CertificateException e) {
            Log.e(TAG, "exception", e);
        } finally {
            try {
                caInput.close();
            } catch (IOException e) {
                Log.e(TAG, "exception", e);
            }
        }
    
        return ca;
    }
    
    public static Certificate convertSSLCertificateToCertificate(SslCertificate sslCertificate) {
        CertificateFactory cf = null;
        Certificate certificate = null;
        Bundle bundle = sslCertificate.saveState(sslCertificate);
        byte[] bytes = bundle.getByteArray("x509-certificate");
    
        if (bytes != null) {
            try {
                CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
                Certificate cert = certFactory.generateCertificate(new ByteArrayInputStream(bytes));
                certificate = cert;
            } catch (CertificateException e) {
                Log.e(TAG, "exception", e);
            }
        }
    
        return certificate;
    }
    
    Android Babe is a Google Android Fan, All about Android Phones, Android Wear, Android Dev and Android Games Apps and so on.