Android M以前のEncryptホストに接続するCertPathValidatorexception

[編集：2021年1月からrecrypt uppilyイベントの暗号化イベントがここにいて、この最初のhttps://letsencrypt.org/2020/12/21/2020/12/21/android-compatibility.html]を読んでください。

コネクション https://valid-isrgrootx1.letsencrypt.org/ Android mまたは以前のOKHTTPを介して、接続はn以降で動作します。

_    OkHttpClient client = new OkHttpClient();

    try {
      Request request = new Request.Builder()
              .url("https://valid-isrgrootx1.letsencrypt.org/robots.txt")
              .build();
      try (Response response = client.newCall(request).execute()) {
        assertTrue(response.code() == 200 || response.code() == 404);
        assertEquals(Protocol.HTTP_2, response.protocol());
      }
    } catch (SSLHandshakeException sslhe) {
      sslhe.printStackTrace();
    }
_

_javax.net.ssl.SSLHandshakeException: Java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at com.Android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.Java:322)
at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.Java:320)
at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.Java:284)
at okhttp3.internal.connection.RealConnection.connect(RealConnection.Java:169)
at okhttp3.internal.connection.StreamAllocation.findConnection(StreamAllocation.Java:258)
at okhttp3.internal.connection.StreamAllocation.findHealthyConnection(StreamAllocation.Java:135)
at okhttp3.internal.connection.StreamAllocation.newStream(StreamAllocation.Java:114)
at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.Java:42)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.Java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.Java:121)
at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.Java:93)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.Java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.Java:121)
at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.Java:93)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.Java:147)
at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.Java:127)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.Java:147)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.Java:121)
at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.Java:257)
at okhttp3.RealCall.execute(RealCall.Java:93)
at okhttp.regression.LetsEncryptTest.sendRequest(LetsEncryptTest.Java:133)
at okhttp.regression.LetsEncryptTest.getFailsWithoutAdditionalCert(LetsEncryptTest.Java:52)
at Java.lang.reflect.Method.invoke(Native Method)
at Java.lang.reflect.Method.invoke(Method.Java:372)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.Java:50)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.Java:12)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.Java:47)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.Java:17)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.Java:325)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.Java:78)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.Java:57)
at org.junit.runners.ParentRunner$3.run(ParentRunner.Java:290)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.Java:71)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.Java:288)
at org.junit.runners.ParentRunner.access$000(ParentRunner.Java:58)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.Java:268)
at org.junit.runners.ParentRunner.run(ParentRunner.Java:363)
at androidx.test.ext.junit.runners.AndroidJUnit4.run(AndroidJUnit4.Java:154)
at org.junit.runners.Suite.runChild(Suite.Java:128)
at org.junit.runners.Suite.runChild(Suite.Java:27)
at org.junit.runners.ParentRunner$3.run(ParentRunner.Java:290)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.Java:71)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.Java:288)
at org.junit.runners.ParentRunner.access$000(ParentRunner.Java:58)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.Java:268)
at org.junit.runners.ParentRunner.run(ParentRunner.Java:363)
at org.junit.runner.JUnitCore.run(JUnitCore.Java:137)
at org.junit.runner.JUnitCore.run(JUnitCore.Java:115)
at androidx.test.internal.runner.TestExecutor.execute(TestExecutor.Java:56)
at androidx.test.runner.AndroidJUnitRunner.onStart(AndroidJUnitRunner.Java:395)
at Android.app.Instrumentation$InstrumentationThread.run(Instrumentation.Java:1853)
Caused by: Java.security.cert.CertificateException: Java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at com.Android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.Java:318)
at com.Android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.Java:219)
at com.Android.org.conscrypt.Platform.checkServerTrusted(Platform.Java:114)
at com.Android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.Java:550)
at com.Android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.Android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.Java:318)
... 50 more
Caused by: Java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
... 56 more
_