koobas.hobune.stream
Unity 5.6.7 - UnityWebRequest SSL/HTTPs
Hi, While using Unity 5.6.7, I'm having issues accessing a secured server through HTTPS on Android.
javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
This is not an issue when using recent versions of Unity as UnityWebRequest has the CertificateHandler attribute where I can validate the connection, unfortunately in 5.6.7 this does not exist and I would like to avoid updating the engine.
Please help! Cheers,
It's not really Unity that is having issues. It's your website that is having them ^^. In the past Unity just implemented the default SSL / TLS handler so only trusted certificates are allowed. So you probably use something like a self signed certificate (not trusted in general as it nullifies the point of having one), or if you have a valid certificate, your chain of trust might not be complete. You can use this page to check your certificate chain and you can also download the "fixed" public certificate from this page.
If, for some reason, you really want to bypass security you should be able to use the normal .NET WebRequest clases. Depending on your target platform this might not be an option. However on Android they should work just fine. Just keep in mind that those webrequests are synchronous. So you probably want to use them from a seperate thread. For more information how to use an HTTPWebRequest, see this SO question
Anyways I would strongly suggest that you fix your certificate in the first place. You need an actual registrated SSL certificate that is verified by a root CA. Such certificates usually cost money. However you can use a LetsEncrypt certificate which issues certificates for free. I use one on my raspberry pi web server without any issues. There are just a few things to watch out for. Those certificates usually only last about 3 months. They need to be "refreshed" regularily. Though my server does this automatically through a cron job.
agree with the previous answer, check your website first . I started using an actual registrated SSL certificate too. I found info about best ssl certificates here. SSL cert is quite useful tool to protect website and all its related subdomain and encrypts the connection between users browser and site.
