I feel like I’m back to 2017 with this topic - TLS connection example for Android
Anyways, Smack 4.4.3 on Android 9. Debug build of application works fine. Release build does not connect with this error:
2021-08-16 17:49:18.162 31086-32440/? W/AbstractXMPPConnection: Connection XMPPTCPConnection[not-authenticated] (2) closed with error
javax.net.ssl.SSLHandshakeException: java.lang.RuntimeException: java.lang.RuntimeException: java.security.KeyStoreException: BKS not found
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(:com.google.android.gms@212621027@21.26.21 (100308-387928701):25)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.waitForHandshake(:com.google.android.gms@212621027@21.26.21 (100308-387928701):1)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.getInputStream(:com.google.android.gms@212621027@21.26.21 (100308-387928701):6)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.initReaderAndWriter(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnection.java:8)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.access$1400(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:66)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$700(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:2)
at java.lang.Thread.run(Thread.java:798)
Caused by: java.security.cert.CertificateException: java.lang.RuntimeException: java.lang.RuntimeException: java.security.KeyStoreException: BKS not found
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.verifyCertificateChain(:com.google.android.gms@212621027@21.26.21 (100308-387928701):8)
at com.google.android.gms.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.google.android.gms.org.conscrypt.NativeSsl.doHandshake(:com.google.android.gms@212621027@21.26.21 (100308-387928701):6)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(:com.google.android.gms@212621027@21.26.21 (100308-387928701):16)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.waitForHandshake(:com.google.android.gms@212621027@21.26.21 (100308-387928701):1)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.getInputStream(:com.google.android.gms@212621027@21.26.21 (100308-387928701):6)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.initReaderAndWriter(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnection.java:8)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.access$1400(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:66)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$700(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:2)
at java.lang.Thread.run(Thread.java:798)
Caused by: java.lang.RuntimeException: java.lang.RuntimeException: java.security.KeyStoreException: BKS not found
at com.google.android.gms.org.conscrypt.Platform.checkTrusted(:com.google.android.gms@212621027@21.26.21 (100308-387928701):4)
at com.google.android.gms.org.conscrypt.Platform.checkServerTrusted(:com.google.android.gms@212621027@21.26.21 (100308-387928701):1)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.verifyCertificateChain(:com.google.android.gms@212621027@21.26.21 (100308-387928701):6)
at com.google.android.gms.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.google.android.gms.org.conscrypt.NativeSsl.doHandshake(:com.google.android.gms@212621027@21.26.21 (100308-387928701):6)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(:com.google.android.gms@212621027@21.26.21 (100308-387928701):16)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.waitForHandshake(:com.google.android.gms@212621027@21.26.21 (100308-387928701):1)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.getInputStream(:com.google.android.gms@212621027@21.26.21 (100308-387928701):6)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.initReaderAndWriter(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnection.java:8)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.access$1400(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:66)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$700(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:2)
at java.lang.Thread.run(Thread.java:798)
Caused by: java.lang.RuntimeException: java.security.KeyStoreException: BKS not found
at android.security.net.config.NetworkSecurityTrustManager.<init>(NetworkSecurityTrustManager.java:62)
at android.security.net.config.NetworkSecurityConfig.getTrustManager(NetworkSecurityConfig.java:114)
at android.security.net.config.RootTrustManager.checkServerTrusted(RootTrustManager.java:88)
at java.lang.reflect.Method.invoke(Native Method)
at com.google.android.gms.org.conscrypt.Platform.checkTrusted(:com.google.android.gms@212621027@21.26.21 (100308-387928701):2)
at com.google.android.gms.org.conscrypt.Platform.checkServerTrusted(:com.google.android.gms@212621027@21.26.21 (100308-387928701):1)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.verifyCertificateChain(:com.google.android.gms@212621027@21.26.21 (100308-387928701):6)
at com.google.android.gms.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.google.android.gms.org.conscrypt.NativeSsl.doHandshake(:com.google.android.gms@212621027@21.26.21 (100308-387928701):6)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(:com.google.android.gms@212621027@21.26.21 (100308-387928701):16)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.waitForHandshake(:com.google.android.gms@212621027@21.26.21 (100308-387928701):1)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.getInputStream(:com.google.android.gms@212621027@21.26.21 (100308-387928701):6)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.initReaderAndWriter(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnection.java:8)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.access$1400(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:66)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$700(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:2)
at java.lang.Thread.run(Thread.java:798)
Caused by: java.security.KeyStoreException: BKS not found
at java.security.KeyStore.getInstance(KeyStore.java:890)
at android.security.net.config.NetworkSecurityTrustManager.<init>(NetworkSecurityTrustManager.java:58)
at android.security.net.config.NetworkSecurityConfig.getTrustManager(NetworkSecurityConfig.java:114)
at android.security.net.config.RootTrustManager.checkServerTrusted(RootTrustManager.java:88)
at java.lang.reflect.Method.invoke(Native Method)
at com.google.android.gms.org.conscrypt.Platform.checkTrusted(:com.google.android.gms@212621027@21.26.21 (100308-387928701):2)
at com.google.android.gms.org.conscrypt.Platform.checkServerTrusted(:com.google.android.gms@212621027@21.26.21 (100308-387928701):1)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.verifyCertificateChain(:com.google.android.gms@212621027@21.26.21 (100308-387928701):6)
at com.google.android.gms.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.google.android.gms.org.conscrypt.NativeSsl.doHandshake(:com.google.android.gms@212621027@21.26.21 (100308-387928701):6)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(:com.google.android.gms@212621027@21.26.21 (100308-387928701):16)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.waitForHandshake(:com.google.android.gms@212621027@21.26.21 (100308-387928701):1)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.getInputStream(:com.google.android.gms@212621027@21.26.21 (100308-387928701):6)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.initReaderAndWriter(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnection.java:8)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.access$1400(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:66)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$700(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:2)
at java.lang.Thread.run(Thread.java:798)
Caused by: java.security.NoSuchAlgorithmException: BKS KeyStore not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
at java.security.Security.getImpl(Security.java:628)
at java.security.KeyStore.getInstance(KeyStore.java:887)
at android.security.net.config.NetworkSecurityTrustManager.<init>(NetworkSecurityTrustManager.java:58)
at android.security.net.config.NetworkSecurityConfig.getTrustManager(NetworkSecurityConfig.java:114)
at android.security.net.config.RootTrustManager.checkServerTrusted(RootTrustManager.java:88)
at java.lang.reflect.Method.invoke(Native Method)
at com.google.android.gms.org.conscrypt.Platform.checkTrusted(:com.google.android.gms@212621027@21.26.21 (100308-387928701):2)
at com.google.android.gms.org.conscrypt.Platform.checkServerTrusted(:com.google.android.gms@212621027@21.26.21 (100308-387928701):1)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.verifyCertificateChain(:com.google.android.gms@212621027@21.26.21 (100308-387928701):6)
at com.google.android.gms.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.google.android.gms.org.conscrypt.NativeSsl.doHandshake(:com.google.android.gms@212621027@21.26.21 (100308-387928701):6)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(:com.google.android.gms@212621027@21.26.21 (100308-387928701):16)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.waitForHandshake(:com.google.android.gms@212621027@21.26.21 (100308-387928701):1)
at com.google.android.gms.org.conscrypt.ConscryptFileDescriptorSocket.getInputStream(:com.google.android.gms@212621027@21.26.21 (100308-387928701):6)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.initReaderAndWriter(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnection.java:8)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.access$1400(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:66)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$700(XMPPTCPConnection.java:1)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:2)
at java.lang.Thread.run(Thread.java:798)
...
Previously used Smack 4.3.5 and both Debug and Release builds worked ok.