Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for self signed certificates #3

Closed
koush opened this issue Jun 3, 2013 · 17 comments

Comments

Projects
None yet
8 participants
@koush
Copy link
Owner

commented Jun 3, 2013

Need support for custom SSL Context and TrustManagers for use during SSL handshaking.

@koush

This comment has been minimized.

Copy link
Owner Author

commented Jun 5, 2013

Fixed with:

Ion.getDefault(getContext()).getHttpClient().getSSLSocketMiddleware().setTrustManagers(...);
Ion.getDefault(getContext()).getHttpClient().getSSLSocketMiddleware().setSSLContext(...);

Fix was in AndroidAsync:
koush/AndroidAsync@968638d

@koush koush closed this Jun 5, 2013

@koush

This comment has been minimized.

Copy link
Owner Author

commented Jun 5, 2013

This test case is also a good sample:

koush/AndroidAsync@968638d#L6R1

@yolapop

This comment has been minimized.

Copy link

commented Nov 27, 2013

Excuse me for asking,
this implementation is basically like "trust all incoming certificate" and not some specific certificate, right?

@koush

This comment has been minimized.

Copy link
Owner Author

commented Nov 27, 2013

It's an implementation to trust a specific cert.

@yolapop

This comment has been minimized.

Copy link

commented Nov 27, 2013

But it doesn't load a specific CA from file, or somewhere, like in here http://developer.android.com/training/articles/security-ssl.html#UnknownCa, so how does it trust from specific cert?

@koush

This comment has been minimized.

Copy link
Owner Author

commented Nov 27, 2013

It does exactly that:

koush/AndroidAsync@968638d#diff-f1b421e2e337ad983791aaef62f7de28R33

See the bit where it sets up it's own trust manager and loads a self signed cert.

@yolapop

This comment has been minimized.

Copy link

commented Nov 27, 2013

Oh, shit. I realized that I misread second comment (or first) this whole time.
Thank you for clarification, Koush.

@rvanzon

This comment has been minimized.

Copy link

commented Mar 10, 2014

Is there maybe a simple example showing how to use this when using Ion to connect to a RESTful server using self signed certificates?

@mannaz

This comment has been minimized.

Copy link

commented Jul 22, 2014

As Ion.with(...) uses a new HttpClient for each call - how can we set a trustManager to be used for all Ion requests?

@anti43

This comment has been minimized.

Copy link

commented Feb 20, 2015

EDIT
@mannaz I got Ion.with to work like this:

    Ion ion = Ion.getDefault(c);
    ion.configure().createSSLContext("TLS");
    ion.getHttpClient().getSSLSocketMiddleware().setSSLContext(sslContext);
    ion.getHttpClient().getSSLSocketMiddleware().setTrustManagers(trustManagers);

( Ion.getDefault(c) is used in Ion.with{})

@koush

This comment has been minimized.

Copy link
Owner Author

commented Feb 20, 2015

ion uses the same http client every call.

@anti43

This comment has been minimized.

Copy link

commented Feb 21, 2015

@koush yes, but as the examples setup

AsyncHttpClient.getDefaultInstance()

and Ion.getDefault(c) is on

new AsyncHttpClient(new AsyncServer("ion-" + name));

the example code does not match the usage of Ion.with ..
That was what was confusing here I guess.

@koush

This comment has been minimized.

Copy link
Owner Author

commented Feb 21, 2015

ion.with calls into ion.getDefault.

@koush

This comment has been minimized.

Copy link
Owner Author

commented Feb 21, 2015

oh, you were assuming that ion uses the default asynchttpclient. nah, it has it's own.

@HughJeffner

This comment has been minimized.

Copy link

commented Mar 3, 2016

Is there a reason .setTrustManagers(...) must be called as well? I thought the SSLContext is initialized with a set of trust managers, this seems like a duplication of effort.

@ibnux

This comment has been minimized.

Copy link

commented Mar 4, 2017

i use Cloudflare Free SSL and getting Error
this is how i resolve it https://gist.github.com/ibnux/4bf68e16e1228b6568a349c583d1cd32

@muhammad-naderi

This comment has been minimized.

Copy link

commented Sep 6, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.