httpclient ssl certificate on android

Question

I have some troubles with ssl using httpclient on android i am trying to access self signed certificate in details i want my app to trust all certificates ( i will use ssl only for data encryption). First i tried using this guide http://hc.apache.org/httpclient-3.x/sslguide.html on Desktop is working fine but on android i still got javax.net.ssl.SSLException: Not trusted server certificate. After searching in google i found some other examples how to enable ssl.

http://groups.google.com/group/android-developers/browse_thread/thread/62d856cdcfa9f16e - Working when i use URLConnection but with HttpClient still got the exception.

http://www.discursive.com/books/cjcook/reference/http-webdav-sect-self-signed.html - on Desktop using jars from apache is working but in android using included in SDK classes can't make it work.

http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/200808.mbox/%3C1218824624.6561.14.camel@ubuntu%3E - also get the same exception

So any ideas how can i trust all certificates on android using HttpClient

Answer 1

If you happen to look at the code of DefaultHttpClient, it looks something like this:

   @Override
    protected ClientConnectionManager createClientConnectionManager() {
        SchemeRegistry registry = new SchemeRegistry();
        registry.register(
                new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
        registry.register(
                new Scheme("https", SSLSocketFactory.getSocketFactory(), 443));

        ClientConnectionManager connManager = null;     
        HttpParams params = getParams();
        ...
    }

Notice the mapping of https scheme to org.apache.http.conn.ssl.SSLSocketFactory.getSocketFactory().

You can create a custom implementation for org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory interface (http://hc.apache.org/httpclient-3.x/apidocs/org/apache/commons/httpclient/protocol/SecureProtocolSocketFactory.html) wherein, you can create java.net.SSLSocket with a custom TrustManager that accepts all certificate.

You may want to look into JSSE for more details at http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html