Lost ability to connect to my HTTPS site from Android application: Trust anchor for certification path not found


Viewed 374 times


I have two mobile applications, which access my site https://example.com from inside. Recently, I have prolonged certificate for one year and replaced it on nginx’ config.

Now web browsers open site well, iOS application opens site well, but Android application doesn’t open it saying

Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

with the code

    myUrl = URL("https://example.com")
    try {
        conn = myUrl.openConnection() as HttpsURLConnection
        conn.readTimeout = 10000
        conn.connectTimeout = 15000
        conn.requestMethod = "POST"
        conn.doInput = true
        conn.doOutput = true

        val postData = URLEncoder.encode(...

        val os = conn.outputStream

What it wants and how to fix?

Reinstall doesn’t help. Running under debugger shows this error.

1 Answer


It was a problem with certificate on my site, not in the application. By some reason, only Android application was sesitive to this problem. iOS application and all web browsers were reporting certificate is ok. SSL check sites like digicert.com were reporting chain problems.

What I did is I took this file pointed by nginx

ssl_certificate /etc/ssl/certs/my_certificate.crt;

which had only one certificate inside and then pasted two other certificates from my provider. These additional certificates were entitled “root” and “intermediate”.

After that problem was gone.