Thanks a lot. This worked!! I had to change my implementation to use HttpsURLConnection, and could not keep my earlier implementation using DefaultHttpClient. Well, I think as long as it works, it should not make any difference I guess.
Thank you, AJ On Aug 25, 6:02 pm, gcstang <[email protected]> wrote: > See my post here : > > http://groups.google.com/group/android-developers/browse_thread/threa... > > On Aug 24, 2:48 am,Ajay<[email protected]> wrote: > > > Hi, > > > Since my app is going to access our own servers, I think I can use the > > hack of trusting all certificates. I tried the following & still > > fails :-( > > > SchemeRegistry schemeRegistry = new SchemeRegistry(); > > SSLSocketFactory sslSocketFactory = > > SSLSocketFactory.getSocketFactory(); > > > sslSocketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); > > schemeRegistry.register(new Scheme("https", sslSocketFactory, 443)); > > > ClientConnectionManager manager = new > > ThreadSafeClientConnManager(httpParam, schemeRegistry); > > DefaultHttpClient client = new DefaultHttpClient(manager, httpParam); > > > Thank you, > > AJ > > > On Aug 22, 12:10 am, Bob Kerns <[email protected]> wrote: > > > > The CA root certificates have very long expiration dates, so this is > > > much less of a problem than you may assume. > > > > It's still an issue -- CA certs could possibly be revoked in the event > > > of a vulnerability or theft. But those are relatively remote > > > possibilities, beyond what most phone apps would need to consider. > > > > On Aug 21, 9:16 am, DanH <[email protected]> wrote: > > > > > The current cert may only be good for another 6-12 months. And if the > > > > site isn't directly under the control of the app developer, the cert > > > > may change at any time, and may even be changed to use a different > > > > root. > > > > > There's probably no good solution to this problem, but the best I can > > > > think of is to embed another app in your app that simply installs the > > > > necessary cert(s), then have a way for that app to be updated as > > > > needed. > > > > > On Aug 21, 7:09šam, Kostya Vasilyev <[email protected]> wrote: > > > > > > Right, it does. If the site in question is part of the phone > > > > > application's > > > > > infrastructure, I personally would find it acceptable. > > > > > > -- > > > > > Kostya Vasilyev --http://kmansoft.wordpress.com > > > > > > 21.08.2010 16:06 ÐÏÌØÚÏ×ÁÔÅÌØ "DanH" <[email protected]> ÎÁÐÉÓÁÌ: > > > > > > That assumes that the web site's cert won't change for the life of the > > > > > app. > > > > > > On Aug 21, 3:18 am, Kostya Vasilyev <[email protected]> wrote: > > > > > > > šAjay, > > > > > > > A more cryptographically correct solution would be to install the > > > > > > missing Óertfiicate pieces wit... > > > > > > > On Fri, Aug 20, 2010 at 8:46 PM, Kostya Vasilyev > > > > > > > <[email protected] > > > > > > > <mailto:kmans...@gmail.... > > > > > > > š š You being able to open the site in desktop browser and on a > > > > > > > š š Blackberry seems to impl... > > > > > >http://groups.google.com/group/android-developers/browse_thread/threa... > > > > > > > > š š This is a hack to accept all certificates. > > > > > > > > š š -- Kostya > > > > > > > > š š 20.08.2010 16:07,... > > > > > > > š š š š using the following > > > > > > > site:http://www.digicert.com/helpandittold > > > > > > > š š š š that it was installed properly on the server. > > > > > > > > š š š š On Aug 20, 4:39 pm, Kostya V... > > > > > > > š š š š <mailto:[email protected]>> šwrote: > > > > > > > > š š š š š š šAjay, > > > > > > > > š š š š š š This can happen because the certificate is not signed > > > > > > > by... > > > > > > > š š <mailto:[email protected]> > > > > > > > š š To unsubscribe from this group, send email to > > > > > > > š š android-developers+unsubscr...@googleg... > > > > > > > š š > > > > > > > <mailto:android-developers%[email protected]<android-developer > > > > > > > s%[email protected]> > > > > > > > > š š For more options, visit this group at > > > > > > > š šhttp://groups.google.com/group/android-develope... > > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
