android-play-safetynet icon indicating copy to clipboard operation
android-play-safetynet copied to clipboard

Published 20 hours ago verified publisher icon googlesamples

Trust Manager checkServerTrusted failed

Open Xanvial opened this issue 4 years ago • 1 comments

Hi, So I'm currently implementing the OfflineVerify based on Sample provided. But I face an exception on jws.verifySignature() step. After some debugging (copying the verification implementation), the exception become more specific: Domain specific configurations require that hostname aware heckServerTrusted(X509Certificate[], String, String) is used

Based on that it seems the error is related with network-security-config.xml that is used by my app, removing it fixing the error. But I still need to use the config, so any idea what changes on the config to fix this? Here's the one I use (changed the domain name)

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <debug-overrides>
        <trust-anchors>
            <!-- Trust user added CAs while debuggable only -->
            <certificates src="system" />
            <certificates src="user" />
        </trust-anchors>
    </debug-overrides>
    <domain-config cleartextTrafficPermitted="true">
        <domain includeSubdomains="true">google.com</domain>
        <domain includeSubdomains="true">example.com</domain>
    </domain-config>
</network-security-config>

Any help appreciated

Xanvial avatar Oct 08 '19 05:10 Xanvial

Did you ever figure that issue?

paulo-raca avatar Aug 11 '20 18:08 paulo-raca