Android ignore self signed certificate
You can use Volley Android library for that.
You will need to add the below code on the onCreate() of your application class. By overwriting the X509Certificate basically you will accept all certificates.
try {
TrustManager[] victimizedManager = new TrustManager[]{
new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
X509Certificate[] myTrustedAnchors = new X509Certificate[0];
return myTrustedAnchors;
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
}
};
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, victimizedManager, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String s, SSLSession sslSession) {
return true;
}
});
} catch (Exception e) {
e.printStackTrace();
}
Ravi
Software Developer working to make world smart & and giving back to Society, so i am working in different languages technologies. KeystoneJS,openstack,C/C++,Android ,Python.
Updated on June 04, 2022Comments
-
Ravi almost 2 years
My Android App is connecting to https self-signed server & it is working fine with using client certificates (.cer file).
Can Android App be connected to https self-signed server WITHOUT using client Certificates. --> If answers is YES then which library can be used for that. I know this would not be best method to achieve as it is https server, but this is what i need.