cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - If community subscription notifications are filling up your inbox you can set up a daily digest and get all your notifications in a single email. X

Unable to connect to Experience Service (HTTPS protocol) with Android device

dsgnrClarK
16-Pearl

Unable to connect to Experience Service (HTTPS protocol) with Android device

Hi there

 

Here is the situation
Thingworx 8.5.5 works with CERTIFICATE.JKS on Tomcat 8.5.43 (NOT a self-signed-certificate)
Experience Service 8.5.9 uses protocol HTTP, everything works

 

When trying to apply Certificate to Experience Service,
CERTIFICATE.JKS is converted to CERTIFICATE.PFX for usage.

 

start-es
results error (similar here: https://community.ptc.com/t5/Vuforia-Studio/Customer-used-to-Vuforia-Studio-OnPremise-before-and-tried-to/m-p/580637/highlight/true#M4610)

Error: unable to verify the first certificate
at TLSSocket.onConnectSecure (_tls_wrap.js:1473:34)
at TLSSocket.emit (events.js:311:20)
at TLSSocket._finishInit (_tls_wrap.js:916:8)
at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:686:12) {
code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE'

 

start-es --allowssc would fire up Experience Service
Both https://<server>:2019/ExperienceService/ping 

and https://<server>:2019/ExperienceService/id-resolution/resolutions/?key=urn:vuforia:nokey&resourcetype=Experience&wNdp=768&aspect=spatial-tracking works with TLS on desktop/iOS/Android

 

ISSUE

Using https://<server>:2019 for Vuforia View APP Experience Service URL
Everything works with iOS device

Not working with Android device: nothing in the Library, and "Whoops! Error loading Experience" message shows up when opening an experience

 

Same issue with PEM Certificate on Experience Service


Android logfile Error

 

javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

 

Similar here: https://community.ptc.com/t5/Vuforia-Studio/Vuforia-View-does-not-pulling-the-experiences-from-On-Premises/m-p/615476/highlight/true#M6047

The Root CA is in the list of System Trusted credentials already.

 

Buy the way, no Cleartext issue in the logfile(https://community.ptc.com/t5/Vuforia-Studio/Vuforia-View-quot-Connection-Error-quot-while-scanning-the/m-p/597043#M5226)

 

How to resolve the issue?

 

Any reply is appreciated,

Thanks in advanded


SETUP(same macchine): JAVA 1.8.0_192-b12, Tomcat 8.5.43, TWX 8.5.5, ES 8.5.9, Android 9

3 REPLIES 3

Android devices are a little more particular about the certs they will allow if they aren't from a well known CA. 

Check out this article: https://www.ptc.com/en/support/article/CS301678

 

Are you using a private organization CA? Do you have any intermediate certificates? If so, have you created a cert bundle?

image.png

 

Thanks for reply.

 

android 9, TWCA.jpg

 

  • No intermediate certificates.

 

While unsuccessfully configuring the certificate for the Experience Service, it remains using HTTP only.

Use MED-61226-CD-XXX_SPX_es-X-X-X-bXXXX-XXX-windows-installer.exe which downloaded from https://support.ptc.com/appserver/auth/it/esd/product.jsp?prodFamily=VFS.

Modify

experience servece, modify.png

 

Then Use HTTP (No TLS)

experience servece, use HTTP.png

 

After processing, in configuration.json shows

 

  "port": 2019,
  "realm": "ThingWorx",
  "httpsKeyPath": "",
  "httpsCrtPath": "",
  "httpsCaPath": null,
  "httpsPfxPath": null,
  "httpsCertPassphrase": "",

 

 

In Vuforia View, Experience Service URL is set to http://<server>:2019

Announcements

Top Tags