When trying to connect to our client's LS server, we receive the error described in this android dev document:
http://developer.android.com/trainin...CommonProblems
We are attempting to solve it using their proposed solution- registering the cert in the applications custom TrustManager.
This example is also from the dev doc referenced above:
Code:
// Load CAs from an InputStream
// (could be from a resource or ByteArrayInputStream or ...)
CertificateFactory cf =CertificateFactory.getInstance("X.509");
InputStream caInput =newBufferedInputStream(newFileInputStream("local.cer"));
Certificate ca;
try{
ca = cf.generateCertificate(caInput);
System.out.println("ca="+((X509Certificate) ca).getSubjectDN());
}finally{
caInput.close();
}
// Create a KeyStore containing our trusted CAs
String keyStoreType =KeyStore.getDefaultType();
KeyStore keyStore =KeyStore.getInstance(keyStoreType);
keyStore.load(null,null);
keyStore.setCertificateEntry("ca", ca);
// Create a TrustManager that trusts the CAs in our KeyStore
String tmfAlgorithm =TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf =TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);
// Create an SSLContext that uses our TrustManager
SSLContext context =SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(),null);
Uaually the SSLContext is provided to a UriConnection...
Code:
// Tell the URLConnection to use a SocketFactory from our SSLContext
URL url =new URL("https://certs.cac.washington.edu/CAtest/");
HttpsURLConnection urlConnection =
(HttpsURLConnection)url.openConnection();
urlConnection.setSSLSocketFactory(context.getSocketFactory());
How do we get android's LSClient to use this SSLContext which is aware of our self signed cert? Or, is there a way to get our application to use some sort of globally provided HttpsURLConnection?
Bookmarks