Jump to content


  • Content Count

  • Joined

  • Last visited

About LuciaLima

  • Rank

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Context: Android Studio (AS) is an IDE that allows people to create Apps for android powered devices. We can test these apps from within AS using an emulated device, which is a simulation of a physical phone or tablet. I'm testing some Apps that use HTTPS URLs to query an University API website with "GET" request. My KIS is configured to check encrypted connections (as it should, otherwise it would not make sense to buy it, specially now that google declared war on sites without https). Problem: From within the AS device emulator, the App is always somehow blocked from connecting and the error that pops up mentions "javax.net.ssl.SSLHandshakeException ... Trust anchor for certification path not found." Attempts made to solve: I've tried to use HTTP URLs to query other websites that operate under http and everything works smooth. When it comes to the https, I've read that I need to download and install the root and intermediate certificate for that University's webiste. Problem with attempt: If I access the site with this KIS protected machine, when I click on the lock to download the certificates, the root is always KIS personal root certificate, but if I access the site from a machine without KIS I get the root certificate from the Digicert corporation. Something tells me that the server, when I try to connect to it, is looking for a key from my side that will match the encryption from the Digicert CA, which seems to me as being the one who issued their certificate. SO, I'd like someone to explain to me: 1st: why do I get the KIS root certificate instead of the Digicert, when I connect from behind the KIS firewall to that website. 2nd: how will I ever get the needed (Digicert) certificate so I can import it to my truststore, without compromising the system (like deactivating KIS). If I'm mistakened with the way things are happening, or their reasons, please explain to me what has to be done, EXCEPT the option not to check encrypted connections, because that is unnacceptable (for obvious reasons). Many Thanks
  2. Question: I'd like to know why this root certificate, which I can extract from any webpage to which I gave permission in the Exclusions List (from the KIS), is not trusted by Google nor Java/Sun/Oracle. Motivation: I formed the impression that it is not trusted by either after inspecting both: the certificates in Chrome as well as the cacerts file inside JAVA/...jre/.../security and realizing that IT is not present in either. It seems Google and Sun/Oracle have the same level of trust in Kaspersky that they have for Symantec.
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.