Я пытаюсь безопасно запросить данные у https://jsonplaceholder.typicode.com/ из моей программы, использующей android модернизацию. Я получаю следующую ошибку
W/System.err: java.security.cert.CertificateException: com.android.org.conscrypt.OpenSSLX509CertificateFactory$ParsingException: com.android.org.conscrypt.OpenSSLX509CertificateFactory$ParsingException: java.lang.RuntimeException: error:0c00007b:ASN.1 encoding routines:OPENSSL_internal:HEADER_TOO_LONG
at com.android.org.conscrypt.OpenSSLX509CertificateFactory.engineGenerateCertificate(OpenSSLX509CertificateFactory.java:280)
at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:362)
at com.dixieline.retrofitexample.SelfSigningClientBuilder.createClient(SelfSigningClientBuilder.java:43)
at com.dixieline.retrofitexample.MainActivity.onCreate(MainActivity.java:43)
at android.app.Activity.performCreate(Activity.java:6975)
at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1213)
W/System.err: at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2770)
at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2892)
at android.app.ActivityThread.-wrap11(Unknown Source:0)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1593)
at android.os.Handler.dispatchMessage(Handler.java:105)
at android.os.Looper.loop(Looper.java:164)
Вот мой код:
public class MainActivity extends AppCompatActivity {
private static final String TAG = "MainActivity";
private TextView textViewResult;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
textViewResult = findViewById(R.id.text_view_result);
Retrofit retrofit = new Retrofit.Builder()
.baseUrl("https://jsonplaceholder.typicode.com/")
.addConverterFactory(GsonConverterFactory.create())
.client(SelfSigningClientBuilder.createClient(this))
.build();
Log.i(TAG, "onCreate: retrofit == "+retrofit);
JsonPlaceHolderApi jsonPlaceHolderApi = retrofit.create(JsonPlaceHolderApi.class);
Log.i(TAG, "onCreate: jsonPlaceHolderApi >>> "+jsonPlaceHolderApi);
Call<List<Post>> call = jsonPlaceHolderApi.getPosts();
Log.i(TAG, "onCreate: call >> "+call.toString());
call.enqueue(new Callback<List<Post>>() {
@Override
public void onResponse(Call<List<Post>> call, Response<List<Post>> response) {
if(!response.isSuccessful()) {
textViewResult.setText("Code: "+response.code());
return;
}
List<Post> posts = response.body();
String content = "";
for(Post post : posts) {
content += "ID: "+post.getId()+ "\n";
content += "UserID: "+post.getUserId()+ "\n";
content += "Title: "+post.getTitle()+ "\n";
content += "Text: "+post.getText()+ "\n\n";
}
textViewResult.setText(content);
}
@Override
public void onFailure(Call<List<Post>> call, Throwable t) {
textViewResult.setText("Error >>> "+t.getMessage());
}
});
}
}
SelfSigningClientBuider. java
public class SelfSigningClientBuilder {
public static OkHttpClient createClient(Context context) {
OkHttpClient client = null;
CertificateFactory cf = null;
InputStream cert = null;
Certificate ca = null;
SSLContext sslContext = null;
try {
cf = CertificateFactory.getInstance("X.509");
cert = context.getResources().openRawResource(R.raw.cacerts); // Place your 'my_cert.crt' file in `res/raw`
//cert = context.getResources().openRawResource(R.)
ca = cf.generateCertificate(cert);
cert.close();
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
keyStore.setCertificateEntry("ca", ca);
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, tmf.getTrustManagers(), null);
client = new OkHttpClient.Builder()
.sslSocketFactory(sslContext.getSocketFactory())
.build();
} catch (KeyStoreException | CertificateException | NoSuchAlgorithmException | IOException | KeyManagementException e) {
e.printStackTrace();
}
return client;
}
}
Файл сертификата доступен в res / сырое место. 
С нетерпением ждем любой помощи / предложений !!