I'm trying to connect to a node.js based TLS server from my Android app. Naturally it fails becouse I'm using a self-signed certificate.
Is there anyway I can just add the certificate to my app and have Android trust it somehow? Note, I'm not using HTTPS, this is a TLS over TCP connection.
After a lot of reading around, I came up with an answer.
A pretty good guide is here: http://nelenkov.blogspot.no/2011/12/using-custom-certificate-trust-store-on.html
Now, since I'm not using HTTPS, I had to come up with a slightly different approach for getting a clean SSL socket with the new keystore:
KeyStore store = KeyStore.getInstance("BKS");
InputStream truststore = mainActivity.getResources().openRawResource(R.raw.trust);
store.load(truststore, "PASSWORD".toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
tmf.init(store);
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), new SecureRandom());
Socket socket = context.getSocketFactory().createSocket(ip, port);
Adding certificate to your application isn't recommended. You'll have problems with updating the certificate.
Have you looked at:
Self-signed SSL acceptance on Android
HTTPS GET (SSL) with Android and self-signed server certificate
?
