All Products
Document Center

Problem of Android 5.x devices with expired certificates

Last Updated: Feb 07, 2022


The following log is reported on the client.  
Could not validate certificate: Certificate expired at Sat No 
v 06 20:00:00 GMT+08:00 2021 (compared to Wed Jan 12 10:12:30 GMT+08:00 2022)\"",


The problem is due to the operating system of Android 5.x devices. Solve this problem by trusting all certificates.


  1. Set TinyAppRequestPluginProvider on the client.

    // Set provider for packet capture in mini programs.
    // H5Utils.setProvider(TinyAppRequestPluginProvider.class.getName() ,
    new TinyAppRequestPluginProviderImp() );
    public class TinyAppRequestPluginProviderImpl implements TinyAppRequestPluginProvider {
        private static final String TAG = "TinyAppRequestPluginProviderImpl";
        SSLSocketFactoryImp sf;
        public void onAndroidHttpClientCreate(AndroidHttpClient androidHttpClient) {
        private void setCA(AndroidHttpClient client) {
            // Trust certificates of Android devices below 5.x.
            if (Build.VERSION.SDK_INT < 23) {
                KeyStore trustStore;
                try {
                    trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
                    trustStore.load(null ,null);
                    // Create SSLSocketFactory and related Socket.
                    sf = new SSLSocketFactoryImp(trustStore);
                            .register(new Scheme("https" ,sf ,443));
                }catch (Exception e){
    /* Baseline 21--*/
    public class SSLSocketFactoryImp extends SSLSocketFactory {
        final SSLContext sslContext = SSLContext.getInstance("TLS");
        public SSLSocketFactoryImp(KeyStore truststore)
                throws NoSuchAlgorithmException, KeyManagementException,
                KeyStoreException, UnrecoverableKeyException {
            TrustManager tm = new X509TrustManager() {
                public[] getAcceptedIssuers() {
                    return null;
                public void checkClientTrusted(
              [] chain,
                        String authType)
                        throws {
                public void checkServerTrusted(
              [] chain,
                        String authType)
                        throws {
            sslContext.init(null, new TrustManager[] { tm }, null);
        public Socket createSocket(Socket socket, String host, int port,
                                   boolean autoClose) throws IOException, UnknownHostException {
            return sslContext.getSocketFactory().createSocket(socket, host,
                    port, autoClose);
        public Socket createSocket() throws IOException {
            return sslContext.getSocketFactory().createSocket();
  2. Install a packet capture tool and set a proxy on your computer.

  3. Enable the proxy and install a trusted certificate on your mobile phone.