Results 1 to 5 of 5
  1. #1

    Self signed SSL certificate on Android Client

    Hello, we are having the same issue as the one described here: https://forums.lightstreamer.com/sho...Android-Client.
    We have tried the solution suggested in the aforementioned post but it doesn't seem to work in my case:

    Code:
    CertificateFactory cf = null;
            try {
                cf = CertificateFactory.getInstance("X.509");
                InputStream caInput =  _c.getAssets().open("certificate.cer");
                Certificate ca;
                try{
                    ca = cf.generateCertificate(caInput);
                }finally{
                    caInput.close();
                }
    
    // Create a KeyStore containing our trusted CAs
                String keyStoreType = KeyStore.getDefaultType();
                KeyStore keyStore =KeyStore.getInstance(keyStoreType);
                keyStore.load(null,null);
                keyStore.setCertificateEntry("ca", ca);
    
    // Create a TrustManager that trusts the CAs in our KeyStore
                String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
                TrustManagerFactory tmf =TrustManagerFactory.getInstance(tmfAlgorithm);
                tmf.init(keyStore);
                // Create an SSLContext that uses our TrustManager
                SSLContext context =SSLContext.getInstance("TLS");
                context.init(null, tmf.getTrustManagers(),null);
                HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
                    @Override
                    public boolean verify(String hostname, SSLSession session) {
                        return true;
                    }
                });
                HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());



    Delving into the client's machinery it seems that it ultimately relies on NettyHttp* classes, but there seems to be no way for us to access/configure SSL policies on that layer. Do you have any suggestions?

    Thanks

  2. #2
    Hi,

    We are investigating the issue. We'll answer as soon as possible.

    Regards

  3. #3
    We have decided to extend the client interface to support this use case.
    The patch will be available in the next few days.
    Which client version are you using?

  4. #4
    Hello, thanks! We're currently using the 3.1.6

  5. #5
    We have released the version 3.1.7 of Android client.
    The new library contains the static method LightstreamerClient.setTrustManagerFactory, which can be used to set a global trust manager factory for the library. The method can be called only once before creating any instance of LightstreamerClient.

    You can use the extension in this way, for example:

    /* load the certificate in the trust manager */
    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    InputStream ksIn = getClass().getResourceAsStream("/my-host.keystore");
    try {
    keyStore.load(ksIn, "my-password".toCharArray());
    } finally {
    ksIn.close();
    }
    TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactor y.getDefaultAlgorithm());
    tmf.init(keyStore);

    /* install the factory */
    LightstreamerClient.setTrustManagerFactory(tmf);

    /* create client */
    LightstreamerClient client = new LightstreamerClient("https://my-host:8443", "TEST");

 

 

Similar Threads

  1. SSL problem with self signed certificate
    By kpturner in forum General
    Replies: 1
    Last Post: October 1st, 2014, 06:46 PM
  2. SSL considerations - self-signed certificate
    By kpturner in forum General
    Replies: 8
    Last Post: July 16th, 2014, 10:04 AM
  3. using a Self Signed SSL on Android Client
    By patrickl in forum Client SDKs
    Replies: 4
    Last Post: December 20th, 2013, 06:06 PM
  4. Replies: 4
    Last Post: September 25th, 2013, 11:19 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
All times are GMT +1. The time now is 10:39 AM.