For https url getting certificate error. not sure where to configure

[tech-ind-02]

We are getting below error when we are sending trace data to https endpoint

java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at com.android.org.conscrypt.SSLUtils.toSSLHandshakeException(SSLUtils.java:358)
at com.android.org.conscrypt.ConscryptEngine.convertException(ConscryptEngine.java:1131)
at com.android.org.conscrypt.ConscryptEngine.readPlaintextData(ConscryptEngine.java:1086)
at com.android.org.conscrypt.ConscryptEngine.unwrap(ConscryptEngine.java:873)
at com.android.org.conscrypt.ConscryptEngine.unwrap(ConscryptEngine.java:744)
at com.android.org.conscrypt.ConscryptEngine.unwrap(ConscryptEngine.java:709)

Can anyone help me where and how to configure the certificate

If possible please provide complete code for
https://github.com/open-telemetry/opentelemetry-android/blob/main/demo-app/src/main/java/io/opentelemetry/android/demo/OtelDemoApplication.kt

[breedx-splk]

Ideally, the server you are sending data to would have a legit cert that tracks back to one of the standard/common root CAs, but I know that's not always possible....especially in test or ephemeral environments. So, please read this link for documentation on how to configure the OkHttp client, and then you can call

OtlpHttpSpanExporter.builder()
      .setEndpoint(spansIngestUrl)
      .setSslContext(context, trustManager)
      .setTrustedCertificates(trustedCertsPem)
      .build()

It'll take a little bit of effort to get things squared up, but it's definitely possible, and we expose those methods on the exporters for exactly this reason. Cheers!

[LikeTheSalad]

It might also be worth checking Android's official network security config options on how to trust additional CAs.