
I want a server to validate a client through a certificate. I have the certificate user_cert.pem and the key user_cert.pkey stored locally. How will I do an HttpsURLConnection authenticating the client to the server?

I have searched, but I am a little bit confused. I found this link.

The problem is that my certificate is in *.pem format.

Should I set the KeyStore like this?

 KeyStore ks = KeyStore.getInstance("PEM"); 

Sorry if I give vague information, but I think there is not enough documentation.

I found a post describing that Android supports certificates only in BKS format, and that if we have certificates in PEM format, we should change them into BKS format through the Portecle GUI software.

I am just asking for any source of information about client certificates in PEM format in Android.

zoe vas

1 Answer

First things first, your private key won't be private anymore if your application is distributed because it can be extracted from an APK easily.

80% of the code needed for using client certificates is in the official Android documentation (Unknown certificate authority). Then, instead of the part with TrustManagerFactory, use a KeyManagerFactory and call sslContext.init(kmf.getKeyManagers(), null, null);.

FYI:

  • CRT/PEM is the same certificate format. Only the file extension changes.
  • BKS is the Android equivalent of JKS because JKS is not usable in Android.
neomega
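The approach the answer outlines, written out as an added example (not code from the answer or from the Android documentation): the PEM certificate and key are loaded into an in-memory KeyStore, so no conversion to BKS is needed. Assumptions: the key file is an unencrypted PKCS#8 PEM ("BEGIN PRIVATE KEY") holding an RSA key, java.util.Base64 and java.nio.file are available (Android API 26+ or a desktop JVM), and the class name and the host server.example are placeholders.

```java
import java.io.ByteArrayInputStream;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;

public class PemClientAuth {  // hypothetical class name
    // Assumption: unencrypted PKCS#8 PEM with an RSA key; other key formats are rejected.
    static PrivateKey loadKey(String path) throws Exception {
        String pem = new String(Files.readAllBytes(Paths.get(path)), StandardCharsets.US_ASCII);
        if (!pem.contains("-----BEGIN PRIVATE KEY-----"))
            throw new IllegalArgumentException("not an unencrypted PKCS#8 PEM key: " + path);
        String b64 = pem.replaceAll("-----[A-Z ]+-----", "");   // strip header and footer
        byte[] der = Base64.getMimeDecoder().decode(b64);       // MIME decoder skips line breaks
        return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(der));
    }

    static SSLContext clientContext(String certPath, String keyPath) throws Exception {
        byte[] certBytes = Files.readAllBytes(Paths.get(certPath));
        // The X.509 CertificateFactory accepts PEM as well as DER input.
        Certificate cert = CertificateFactory.getInstance("X.509")
                .generateCertificate(new ByteArrayInputStream(certBytes));
        char[] pw = "in-memory".toCharArray();   // throwaway; the store is never written to disk
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, null);                     // start from an empty store
        ks.setKeyEntry("client", loadKey(keyPath), pw, new Certificate[] { cert });
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, pw);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), null, null);  // null trust managers = platform defaults
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        SSLContext ctx = clientContext("user_cert.pem", "user_cert.pkey");
        URL url = new URL("https://server.example/");  // placeholder host (assumption)
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        conn.setSSLSocketFactory(ctx.getSocketFactory());
        System.out.println(conn.getResponseCode());
    }
}
```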