I'm trying to connect my Android App with a server, where i installed self signed certificate. So i used the follwoing instruction (1) to connect my App with the server, by storing the servercertficate (crt. file) into the /raw folder in /res.
(1): Accepting a certificate for HTTPs on Android
--> "If you have a custom/self-signed certificate on server that is not there on device, you can use the below class to load it and use it on client side in Android:
Place the certificate .crt file in /res/raw so that it is available from R.raw."...
And finally it worked, by including the server cert into the /raw folder of res!
But now every app user could see the server certificate, or not? Aren't there important and secure information? Is it really secure to take this server certificate (crt. file) into the App?
I hope that somebody could explain how this is working or can give me a solution. Thanks!
