[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [paho-dev] Certificate Pinning in Android Using MQTT

Hi James,Â

The exception came as follows. Also can you please be a little more specific about Java version as my knowledge is limited in that area.

07-24 13:17:50.076 11218-11315/nl.weintegrate.wealert.app E/AndroidRuntime: FATAL EXCEPTION: MQTT Con:Â9830f356e9b7f4f5blahblah1313@xxxxxxxxxxxxxxx
Process: nl.weintegrate.wealert.app, PID: 11218
java.lang.NullPointerException: cancel() called with a null PendingIntent
at android.app.AlarmManager.cancel(AlarmManager.java:890)
at org.eclipse.paho.android.service.AlarmPingSender.stop(AlarmPingSender.java:87)
at org.eclipse.paho.client.mqttv3.internal.ClientComms.shutdownConnection(ClientComms.java:353)
at org.eclipse.paho.client.mqttv3.internal.ClientComms$ConnectBG.run(ClientComms.java:668)
at java.lang.Thread.run(Thread.java:761)


kind regards
Sumayya Shahzad

On Aug 15, 2017 7:24 PM, "James Sutton1" <james.sutton@xxxxxxxxxx> wrote:
Hi,
Â
Do you get any exception when the App Crashes? Also, try changing the version of the mqttv3 library to 1.2.0. This release now uses Java 1.7 and has had a numberÂof changes made to it that improve TLS support (SNI etc..).
Â
Kind regards,
Â
JamesÂSutton
Software Engineer - IoT Foundation - MQTT Open Source Projects
Ops Team - Wimbledon Project

Phone:Â01962 815438Â|ÂExtension:Âx372454
E-mail:Âjames.sutton@xxxxxxxcom
Personal Website:Âwww.jsutton.co.uk
Find me on:ÂÂÂÂÂ
IBM

Hursley Park
HursleySO212JN
United Kingdom
Â
IBM United Kingdom Limited Registered in England and Wales with number 741598 Registered office: PO Box 41, North Harbour, Portsmouth, Hants. PO6 3AU
Â
Â
----- Original message -----
From: Sumayya Shahzad <sumayya@xxxxxxxxxxxxxx>
Sent by: paho-dev-bounces@xxxxxxxxxxx
To: paho-dev@xxxxxxxxxxx
Cc:
Subject: [paho-dev] Certificate Pinning in Android Using MQTT
Date: Tue, Aug 15, 2017 8:39 AM
Â
Hi,Â
Â
I hope this email finds you in good spirits.
Â
I am relatively new at Android and I have developed a service which connects to the ActiveMQ host using SSL/TLS support ofÂmqttv3:1.1.0
Â
Â
I have been able to perform TLS connection to ActiveMQ without the certificate pinning successfully.
However whenever I tried to implement certificate pinning using ÂAndroid Sample. The app crashed.
Â
Â
I am going to put in the sample code as an example for certificate pinning. As it says in the website, it fully supports TLS/SSL however, any code ensuring certificate pinning just crashes. I have also implemented certificate pinning on the Https library native of ÂAndroid and it is just working fine. But the same code does not work for MQTT lib. Attached code for more insight.Â
Â
Â
Â
  KeyStore myKeyStore = KeyStore.getInstance("BKS");
  myKeyStore.load(aContext.getResources().openRawResource(R.raw.mytruststore), "password".toCharArray());
  // Create a custom trust manager that accepts the server self-signed certificate
  TrustManagerFactory myTrustManagerFactory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
      myTrustManagerFactory.init(myKeyStore);
      // Create the SSLContext for the SSLSocket to use
      SSLContext mySSLContext = SSLContext.getInstance("TLS");
      mySSLContext.init(null, myTrustManagerFactory.getTrustManagers(), new SecureRandom());
      // Create SSLSocketFactory
      SSLSocketFactory myFactory = mySSLContext.getSocketFactory();
      MqttConnectOptions myOptions = new MqttConnectOptions();
      myOptions.setCleanSession(false);

      myOptions.setAutomaticReconnect(true);
      myOptions.setKeepAliveInterval(Constant.KEEP_ALIVE_INTERVAL);
      myOptions.setSocketFactory(mySSLContext.getSocketFactory());
      myOptions.setSocketFactory(myFactory);
      theMQTTClient = new MqttAndroidClient(this.theContext,aBrokerUrl,aDeviceId);
      IMqttToken token = theMQTTClient.connect(myOptions);
Â
Â
Kindly help in this regard, As it seems more like an MQTT library specific issue.Â
Â
Â
Kind Regards,
Sumayya Shahzad
Â
_______________________________________________
paho-dev mailing list
paho-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/paho-dev
Â
Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number 741598.
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU


_______________________________________________
paho-dev mailing list
paho-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/paho-dev