1

I have to do https connection and I have found some code here Android/Java -- How to Create HTTPS Connection?

What I want to ask is if this is OK to do, since I have to supply the keystore password also.

What I thought I have to do is to get some ID data when establishing https connection and to discard the connection if it was somehow routed elsewhere (ID not recognized).

Or maybe the http client automatically discards the connection if it sees somehow that the URL address from the certificate is not as the specified one (well I do not think it is this way but you never know). Obviously I am not expert. This example puzzles me.

Thanks Nenad

Community
  • 1
  • 1
Čikić Nenad
  • 392
  • 5
  • 13

1 Answers1

0

I wrote a detailed blog post about a year ago that shows in great detail, all of the steps that you need to do to set up an HTTPS connection on Android, using a self-signed server certificate and client certificate.

Unlike the accepted answer to the question that you pointed to, my solution does not require you to create the keystore manually.

The code in that blog post is in use in a real application, so I can tell you that it is tested, and works.

GreyBeardedGeek
  • 29,460
  • 2
  • 47
  • 67
  • I will purchase the certificate because my application has also a web site so I want to serve both browsers and the android app I have written. How this relates to your code? I see that you also supply the password. My concern was about specifying the pass inside the android app. I am just not expert enough on https to know if this is acceptable. Thanks – Čikić Nenad Oct 05 '13 at 04:23
  • I have read yours blog and it helped me to understand the process of establishing https. Thanks – Čikić Nenad Oct 05 '13 at 10:05