Accept self-signed certificates #5
Comments
|
I'd like to avoid that if possible. Is it possible for you to get a free certificate from Let's Encrypt? |
|
I am currently using dynamic dns. As lets encrypt has registration limits for domains. It is almost impossible to get a certificate for such an address. I already imported my certificate, but it didnt work correctly. |
|
Turns out that depending on your ddns provider, you can get a certificate from lets encrypt, if it is on the public suffix list: certbot/certbot#1607 (comment) |
|
I just reverted the integration of MemorizingTrustManager and the app therefore doesn't accept self-signed certs anymore (starting with the next release probably). It just opens too many security issues. Also MemorizingTrustManager isn't maintained anymore, which is not good for security related code. (It's also recommended by owncloud news maintainer not to disable cert checking: https://github.com/owncloud/news/blob/master/docs/developer/External-Api.md#security-guidelines). |
|
I updated to Nougat and it seems that CACert is not accepted even if I installed it? |
|
Do other apps accept CACert certificates? I use the trust store provided by android, so it should work if it is correctly installed. |
|
DAVDroid does and I just saw that they switched from MemorizingTrustManager to cert4android. |
|
Thanks for the pointer. It seems I have to add a network security config for Android 7 to accept user-installed certificates, will look into this |
|
@ilpianista Just released version 0.27 which adds the necessary configuration to accept user added CAs again, should be on F-Droid in the next couple days |
|
Great! Thank you! |
Please include the option to accept self-signed certificates. Currently it will exit with a trust anchor problem.
The text was updated successfully, but these errors were encountered: