Feature request: Allow user/custom certificate CA #5
Comments
|
I think to "allow" it, one needs to somehow import the ca certificate into androids trust store. I have no idea, how that is done. I'm also fine with accepting ssl connections without verifying the connection. A switch in the app would be nice, of course. |
|
I tried importing it into the store. Other apps like chrome etc. don't complain about my certificate anymore. The docspell app still does, it does not seem to honor the android cert store. |
|
Thank you @TheOneValen for the update! so, this is my very first android app :-). It is very likely I missed a setting; i'd have thought that the http client lib uses the system trust store…. Have to take a deeper look |
|
I think you will need to allow user added certificates in the android manifest file. That should do the trick. https://developer.android.com/training/articles/security-config This sadly means everybody who installs their own certificates will be nagged in the drawer that the traffic may be snooped upon...... Surely its possible to let the user install a certificate just for this app, but that is definitely much much more work. |
|
Thank you! So this is even the default for android <= 6.0. I'm going to add this; or if you want to do it, also great :-) |
|
I'll add it within the next few days. |
My DocSpell is reachable via SSL; when trying to upload data, I get an error that the certificate chain is broken. My certificate is issued by a local CA, the certificate is added in the user store.
I think accepting user SSL certificates has to be explicitly enabled in the manifest (at least that's what Google pointed me to). Not everyone is crazy enough to set up his/her own CA, but self-signed certs might be a more common case. So it would be great to have an option to accept a self-made certificate (or its CA).
The text was updated successfully, but these errors were encountered: