1

I have Android 4.1.2 device. I'm trying to download file from HTTPS and get error about not valid certificate.

Ok, I created custom TrustManager, which skips this error.

How to specify, that DownloadManager used my HttpClient whith custom TrustManager?

ilyamuromets
  • 403
  • 1
  • 7
  • 18
  • instead of TrustManager you should use the 4.3+ version of HttpClient and look at this answer http://stackoverflow.com/questions/28196074/peer-not-authenticated-in-java/28210524#28210524 – EpicPandaForce Feb 20 '15 at 14:16

1 Answers1

2

Implementing a custom "Dummy-TrustManager" is a simple but dumb idea as it destroys the security of SSL/TLS.

What you need instead is to trust that specific certificate of the server, not every (self-signed) certificate in the world!

There is a complete blog topic by Nikolay Elenkov which explains everything you need, including code samples: Using a Custom Certificate Trust Store on Android

Robert
  • 39,162
  • 17
  • 99
  • 152
  • I'm not using urlConnection. All the work perform DownloadManager. I got error java.security.cert.CertPathValidatorException: Trust anchor for certification path not found. FinalStatus = 194 – ilyamuromets Feb 20 '15 at 14:22
  • The DownloadManager is a system service. You can not run own code in that context and it has no option to configure the trusted certificates. Hence the only chance is to install the untrusted certificate system wide via security settings. – Robert Feb 20 '15 at 16:53