Flow, thank you SO much!
By pointing out again and again you directed me the right path along this way.
I just removed the customContext and everything works.
To complete this thread, here is the full exception with all the inner exceptions, where the bold lines showed me the problem.
Connection closed with error
javax.net.ssl.SSLHandshakeException: java.lang.RuntimeException: Failed to load certificates from KeyStore
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.ja va:361)
at com.android.org.conscrypt.OpenSSLSocketImpl.waitForHandshake(OpenSSLSocketImpl. java:682)
at com.android.org.conscrypt.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.ja va:644)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.initReaderAndWriter(XMPPTCPConnect ion.java:659)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnecti on.java:766)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.access$1000(XMPPTCPConnection.java :140)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPC onnection.java:1022)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPCon nection.java:956)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnecti on.java:971)
at java.lang.Thread.run(Thread.java:761)
Caused by: java.security.cert.CertificateException: java.lang.RuntimeException: Failed to load certificates from KeyStore
at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocke tImpl.java:617)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.ja va:357)
at com.android.org.conscrypt.OpenSSLSocketImpl.waitForHandshake(OpenSSLSocketImpl. java:682)
at com.android.org.conscrypt.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.ja va:644)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.initReaderAndWriter(XMPPTCPConnect ion.java:659)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnecti on.java:766)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.access$1000(XMPPTCPConnection.java :140)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPC onnection.java:1022)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPCon nection.java:956)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnecti on.java:971)
at java.lang.Thread.run(Thread.java:761)
Caused by: java.lang.RuntimeException: Failed to load certificates from KeyStore
** at android.security.net.config.KeyStoreCertificateSource.ensureInitialized(KeyStor eCertificateSource.java:70)**
at android.security.net.config.KeyStoreCertificateSource.findBySubjectAndPublicKey (KeyStoreCertificateSource.java:77)
at android.security.net.config.CertificatesEntryRef.findBySubjectAndPublicKey(Cert ificatesEntryRef.java:47)
at android.security.net.config.NetworkSecurityConfig.findTrustAnchorBySubjectAndPu blicKey(NetworkSecurityConfig.java:123)
at android.security.net.config.TrustedCertificateStoreAdapter.getTrustAnchor(Trust edCertificateStoreAdapter.java:51)
at com.android.org.conscrypt.TrustManagerImpl.findTrustAnchorBySubjectAndPublicKey (TrustManagerImpl.java:795)
at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:3 93)
at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:3 75)
at com.android.org.conscrypt.TrustManagerImpl.getTrustedChainForServer(TrustManage rImpl.java:304)
at android.security.net.config.NetworkSecurityTrustManager.checkServerTrusted(Netw orkSecurityTrustManager.java:94)
at android.security.net.config.RootTrustManager.checkServerTrusted(RootTrustManage r.java:88)
at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:178)
at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocke tImpl.java:596)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.ja va:357)
at com.android.org.conscrypt.OpenSSLSocketImpl.waitForHandshake(OpenSSLSocketImpl. java:682)
at com.android.org.conscrypt.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.ja va:644)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.initReaderAndWriter(XMPPTCPConnect ion.java:659)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnecti on.java:766)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.access$1000(XMPPTCPConnection.java :140)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPC onnection.java:1022)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPCon nection.java:956)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnecti on.java:971)
at java.lang.Thread.run(Thread.java:761)
Caused by: java.security.KeyStoreException: Uninitialized keystore
at java.security.KeyStore.size(KeyStore.java:1071)
at android.security.net.config.KeyStoreCertificateSource.ensureInitialized(KeyStor eCertificateSource.java:58)
at android.security.net.config.KeyStoreCertificateSource.findBySubjectAndPublicKey (KeyStoreCertificateSource.java:77)
at android.security.net.config.CertificatesEntryRef.findBySubjectAndPublicKey(Cert ificatesEntryRef.java:47)
at android.security.net.config.NetworkSecurityConfig.findTrustAnchorBySubjectAndPu blicKey(NetworkSecurityConfig.java:123)
at android.security.net.config.TrustedCertificateStoreAdapter.getTrustAnchor(Trust edCertificateStoreAdapter.java:51)
at com.android.org.conscrypt.TrustManagerImpl.findTrustAnchorBySubjectAndPublicKey (TrustManagerImpl.java:795)
at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:3 93)
at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:3 75)
at com.android.org.conscrypt.TrustManagerImpl.getTrustedChainForServer(TrustManage rImpl.java:304)
at android.security.net.config.NetworkSecurityTrustManager.checkServerTrusted(Netw orkSecurityTrustManager.java:94)
at android.security.net.config.RootTrustManager.checkServerTrusted(RootTrustManage r.java:88)
at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:178)
at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocke tImpl.java:596)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.ja va:357)
at com.android.org.conscrypt.OpenSSLSocketImpl.waitForHandshake(OpenSSLSocketImpl. java:682)
at com.android.org.conscrypt.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.ja va:644)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.initReaderAndWriter(XMPPTCPConnect ion.java:659)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnecti on.java:766)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.access$1000(XMPPTCPConnection.java :140)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPC onnection.java:1022)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPCon nection.java:956)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnecti on.java:971)
at java.lang.Thread.run(Thread.java:761)
I didn’t have this stacktrace from a production device and could only set up an emulator with 7.1.1 here but anyway, it worked, it was worth the effort, switching the branch, checking out the specific live version, rebuilding, setting up an emulator and and and…
So, the bug was: Up to Android 6 the KeyStore seems to check for itself, if not initialized, then doing a load or something similar. In A7 it no longer does that, it stays uninitialized.
Yes, your though was perfectly right: I just removed the custom context, and everything is fine.
To answer your question “why” I had the customContext or what I wanted to achieve with it: Honestly, making the connection have been the first steps with this library, mainly supported by code-samples from here and there (this site, stackoverflow, codeproject… the usual suspects).
It worked, and I didn’t think about it again. That’s all .
So, lets close it with a big “THANKS” in your direction!
Cheers, Mike