[TIMOB-11697] Android: Support SSL certificate store with HTTP Client
GitHub Issue | n/a |
---|---|
Type | Sub-task |
Priority | High |
Status | Closed |
Resolution | Fixed |
Resolution Date | 2012-12-04T00:39:34.000+0000 |
Affected Version/s | n/a |
Fix Version/s | Release 3.1.0, 2012 Sprint 25, 2012 Sprint 25 Core |
Components | Android |
Labels | n/a |
Reporter | Allen Yeung |
Assignee | Allen Yeung |
Created | 2012-11-08T00:43:25.000+0000 |
Updated | 2017-03-09T18:16:11.000+0000 |
Description
Attachments
File | Date | Size |
---|---|---|
com.certificatestore-android-0.1.zip | 2013-03-26T02:53:53.000+0000 | 33827 |
sslTest.zip | 2012-11-16T02:50:00.000+0000 | 3739730 |
webserver.zip | 2012-11-16T02:50:00.000+0000 | 461978 |
For android it will require the user be able to configure the SSL context. So we need to expose hooks in the HTTPClient for the user to specify the keyManagers and trustManagers to be used for the request. The actual parsing and loading of certificate data and implementation of the managers can be done in a module.
Testing Steps: To test this issue, you will need to setup a local webserver that supports ssl. There is some nodejs code attached to this ticket that will act as a webserver. You will need to have node.js installed for this to work. I have node v0.8.14 installed, but a relatively recent version should work. First you will need to set up the web server: 1. Unzip the webserver.zip 2. Inside the zip you will find a server.js 3. run the server.js: 'node server.js' 4. when prompted for a password, just use 'password' 5. leave the webserver running while running the app Running the app: 1. Import the attached project into studio 2. Open up app.js and modify the url https://192.168.1.10:5678 You will need to change 192.168.1.10 to the IP address of your computer. You can find this info under System Preferences > Network 3. Install the app to the device and run it. (If you are running this on device, you will need to connect to the same network as your computer) 4. You should see a success message Additional test cases: We also want to test to make sure not specifying a certificate fails and using an invalid certificate fails. - Inside app.js, change the addCertificate() call to use 'server2.p12' instead of 'server.p12'. Run the app, and you should see an error message. - Inside app.js, comment out the line: client.addTrustManager(certificateStore.getTrustManager()); This should make it so we don't use the certificate store. Run the app, and you should see an error message.
PR: https://github.com/appcelerator/titanium_mobile/pull/3433 This is to expose hooks for the SSL cert module
Above PR was closed. Changes are incorporated into this PR https://github.com/appcelerator/titanium_mobile/pull/3429
Verified as working as expected. TiSDK 3.1.0.v20130405170202 CLI version 3.1.0-cr Android Google Nexus One and Android emulator
Closing ticket as fixed.