android – your app is using unsafe implementation of hostname verifier-ThrowExceptions

Exception or error:

When I am uploading my app to playstore it shows the warning

“your app is using unsafe implementation of hostname verifier”

How to solve this problem.

 SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new SecureRandom());
 HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFa‌​ctory());
 HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {

 @Override public boolean verify(String arg0, SSLSession arg1) {

       return true; 
   } 
}); 
How to solve:

You are using an unsafe implementation of the HostnameVerifier interface here

HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { 
    @Override public boolean verify(String arg0, SSLSession arg1) { 
        return true; 
    } 
});

Google is pretty strict about it these days.
You can check this link for more information.

Instead of true always return false whenever the hostname of the server does not meet your expectations.

Instead use

@Override
public boolean verify(String arg0, SSLSession arg1) { 
    HostnameVerifier hv = HttpsURLConnection.getDefaultHostnameVerifier();
    return hv.verify("your_domain.com", arg1);
}

Leave a Reply

Your email address will not be published. Required fields are marked *