2

Since Android does not support a new openssl and one of my applicaton needs to use the openssl 1.0.1c , hence I thought of cross building the openssl and curl to android . I have cross built the curl and openssl for the android with help of this link Using cURL in Android .. I am able to build succesfully and got shared libs . and now I am trying to run my application , in my application I need to add my self signed certificates , when I tried to add the certificates which are stored in sdcard via my native culr clienr code ,I am getting the following error response from the curl i.e CURLE_SSL_CERTPROBLEM (58)=>problem with the local client certificate.

I have tested this application on x86 linux PC , my application works fine .

Here with I have put my curl setoption code , and in that I am just trying to read the certificates from sdcard

below are the curl set option I tried to set the certs 

curl_easy_setopt(curl,CURLOPT_SSLCERTTYPE,"DER");
curl_easy_setopt(curl,CURLOPT_SSLKEYTYPE,"DER")
curl_easy_setopt(curl,CURLOPT_SSLCERT,/sdcard/sslcerts/mycert.der);
curl_easy_setopt(curl,CURLOPT_SSLKEY,/sdcard/sslcerts/mykey.der);
curl_easy_setopt(curl,CURLOPT_CAINFO,/sdcard/sslcerts/mycacert.root);
curl_easy_setopt(curl,CURLOPT_CAPATH,/sdcard/sslcerts/);

Am I following the right approach to set the certificates in the android ndk level ?. since this application lib is used my java application is there some other way to load the certs .

Community
  • 1
  • 1
Phions
  • 105
  • 10
  • How do you make sure that your app uses the 1.0.1c openssl libraries? If you don't take special measures, the system library will be loaded! – Alex Cohn Oct 12 '12 at 12:55

1 Answers1

0

Your app will break if run on a device without an SD card. Better copy the requisite files from app assets to your app's data folder on the first run.

Depending on the way you're using NDK (NativeActivity vs. Java activity), you may do it from C or from Java. Either way works.

Also, consider using Java's HTTP stack. It's already there and it supports SSL, no need to drag extra code into the project.

A related example is here: Load files bigger than 1M from assets folder Except you don't need to split the certificates into many files, as they won't ever be around 1 MB.

Community
  • 1
  • 1
Seva Alekseyev
  • 59,826
  • 25
  • 160
  • 281