Add support for self signed certificates #3

Closed
koush opened this Issue Jun 3, 2013 · 15 comments

Projects

None yet

6 participants

@koush
Owner
koush commented Jun 3, 2013

Need support for custom SSL Context and TrustManagers for use during SSL handshaking.

@koush
Owner
koush commented Jun 5, 2013

Fixed with:

Ion.getDefault(getContext()).getHttpClient().getSSLSocketMiddleware().setTrustManagers(...);
Ion.getDefault(getContext()).getHttpClient().getSSLSocketMiddleware().setSSLContext(...);

Fix was in AndroidAsync:
koush/AndroidAsync@968638d

@koush koush closed this Jun 5, 2013
@koush
Owner
koush commented Jun 5, 2013

This test case is also a good sample:

koush/AndroidAsync@968638d#L6R1

@yolapop
yolapop commented Nov 27, 2013

Excuse me for asking,
this implementation is basically like "trust all incoming certificate" and not some specific certificate, right?

@koush
Owner
koush commented Nov 27, 2013

It's an implementation to trust a specific cert.

@yolapop
yolapop commented Nov 27, 2013

But it doesn't load a specific CA from file, or somewhere, like in here http://developer.android.com/training/articles/security-ssl.html#UnknownCa, so how does it trust from specific cert?

@koush
Owner
koush commented Nov 27, 2013

It does exactly that:

koush/AndroidAsync@968638d#diff-f1b421e2e337ad983791aaef62f7de28R33

See the bit where it sets up it's own trust manager and loads a self signed cert.

@yolapop
yolapop commented Nov 27, 2013

Oh, shit. I realized that I misread second comment (or first) this whole time.
Thank you for clarification, Koush.

@rvanzon
rvanzon commented Mar 10, 2014

Is there maybe a simple example showing how to use this when using Ion to connect to a RESTful server using self signed certificates?

@mannaz
mannaz commented Jul 22, 2014

As Ion.with(...) uses a new HttpClient for each call - how can we set a trustManager to be used for all Ion requests?

@anti43
anti43 commented Feb 20, 2015

EDIT
@mannaz I got Ion.with to work like this:

    Ion ion = Ion.getDefault(c);
    ion.configure().createSSLContext("TLS");
    ion.getHttpClient().getSSLSocketMiddleware().setSSLContext(sslContext);
    ion.getHttpClient().getSSLSocketMiddleware().setTrustManagers(trustManagers);

( Ion.getDefault(c) is used in Ion.with{})

@koush
Owner
koush commented Feb 20, 2015

ion uses the same http client every call.

@anti43
anti43 commented Feb 21, 2015

@koush yes, but as the examples setup

AsyncHttpClient.getDefaultInstance()

and Ion.getDefault(c) is on

new AsyncHttpClient(new AsyncServer("ion-" + name));

the example code does not match the usage of Ion.with ..
That was what was confusing here I guess.

@koush
Owner
koush commented Feb 21, 2015

ion.with calls into ion.getDefault.

@koush
Owner
koush commented Feb 21, 2015

oh, you were assuming that ion uses the default asynchttpclient. nah, it has it's own.

@HughJeffner

Is there a reason .setTrustManagers(...) must be called as well? I thought the SSLContext is initialized with a set of trust managers, this seems like a duplication of effort.

@kfwong kfwong referenced this issue in turtle96/synchro-android May 30, 2016
Closed

Calling to HTTPS endpoint failed. SSL certificate issue. #2

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment