tags:

views:

3069

answers:

3
+1  Q: 

Self Signed SSL acceptance Android

Ive looked everywhere on the internet and while some people claim to have found the solution, it either does not work or there is no Sample code to back it up. Does anyone know how to accept a self signed cert in java on the android? A code sample would be perfect.

Thanks, Faisal

+5  A: 

I have this functionality in exchangeIt, which connects to Microsoft exchange via WebDav. Here's some code to create an HttpClient which will connect to self signed cert's via SSL:

SchemeRegistry schemeRegistry = new SchemeRegistry();
// http scheme
schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
// https scheme
schemeRegistry.register(new Scheme("https", new EasySSLSocketFactory(), 443));

HttpParams params = new BasicHttpParams();
params.setParameter(ConnManagerPNames.MAX_TOTAL_CONNECTIONS, 30);
params.setParameter(ConnManagerPNames.MAX_CONNECTIONS_PER_ROUTE, new ConnPerRouteBean(30));
params.setParameter(HttpProtocolParams.USE_EXPECT_CONTINUE, false);
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);

ClientConnectionManager cm = new ThreadSafeClientConnManager(params, schemeRegistry);

The EasySSLSocketFactory is here, and the EasyX509TrustManager is here.

The code for exchangeIt is open source, and hosted on googlecode here, if you have any issues. I'm not actively working on it anymore, but the code should work.

Brian Yarger  2009-08-01 18:22:12
Your the best! Thanks, ill implement it really soon!
Faisal Abid  2009-08-01 18:26:15
+4  A: 

Here's another way, without any extra classes:

import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509TrustManager;

private void trustEveryone() {
 try {
  HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier(){
       public boolean verify(String hostname, SSLSession session) {
        return true;
       }});
  SSLContext context = SSLContext.getInstance("TLS");
  context.init(null, new X509TrustManager[]{new X509TrustManager(){
   public void checkClientTrusted(X509Certificate[] chain,
     String authType) throws CertificateException {}
   public void checkServerTrusted(X509Certificate[] chain,
     String authType) throws CertificateException {}
   public X509Certificate[] getAcceptedIssuers() {
    return new X509Certificate[0];
   }}}, new SecureRandom());
  HttpsURLConnection.setDefaultSSLSocketFactory(
    context.getSocketFactory());
 } catch (Exception e) { // should never happen
  e.printStackTrace();
 }
}
Chris Boyle  2009-10-22 15:24:00
Where would you call this method?
Faisal Abid  2009-10-22 17:26:49
You would call it anywhere before opening an https connection. Any connection using URL.openConnection / HttpsURLConnection should be affected.
Chris Boyle  2009-10-26 08:45:22

related questions

Why is access denied when installing SSL cert on IIS 5?
What does a PHP developer need to know about https / secure socket layer connections?
Am I turning away customers by disabling SSL 2.0 and PCT 1.0 in IIS5?
Coding Dojo with IE and SSL
Enforce SSL in code in an ashx handler
How to connect to PostgreSQL from .NET using TLS with both client and server authentication?
HELP SSL GURUs!!! ... Problems with SSL Connection
What's a clean/simple way to ensure the security of a page?
How to specify accepted certificates for Client Authentication in .NET SslStream
SharePoint stream file for preview
Problem with Oracle Application Server SSL Certificates
Is there a limit with the number of SSL connections?
Testing HTTPS files with MAMP
Cheapest SSL certificates
Limiting traffic to SSL version of page only
How do I support SSL Client Certificate authentication?
Why can't I connect to my CAS server with Perl's AuthCAS?
Is there a way to make Firefox ignore invalid ssl-certificates?
How do I create a self signed SSL certificate to use while testing a web app.
Can a proxy server cache SSL GETs? If not, would response body encryption suffice?
HTTPS in IIS 5.1
How do you redirect HTTPS to HTTP?
Debugging: IE6 + SSL + AJAX + post form = 404 error
How do I add SSL to a .net application that uses httplistener - it will *not* be running on IIS
Options for Google Maps over SSL