Android Question HTTP client and Certificates

Discussion in 'Android Questions' started by iCAB, Mar 16, 2019 at 12:50 PM.

  1. iCAB

    iCAB Well-Known Member Licensed User

  2. Erel

    Erel Administrator Staff Member Licensed User

    Does the server expect a client certificate? Or the server certificate is not trusted?
     
  3. iCAB

    iCAB Well-Known Member Licensed User

    • The client supposed to request a certificate from the server.
    • Server replies with two certificates
    This what the spec says:
    "Once the client receives a response from the server, the certificates (certificate1 and certifificate2), in
    base64 format, must be retrieved and recorded in a certificate file. Lastly, the certificates must be securely installed and stored in the client's device"
    .
    Certificate1: contains the digital certificate with the server's public key.
    Certificate2: contains the client's digital certificate


    Two things in here
    • Where do we install the certificates in the device and how?
    • How do we guarantee that the Http client is actually loading and using the proper certificate when communicating with the server
    Thank you
    iCAB
     
    Last edited: Mar 17, 2019 at 3:41 PM
  4. Erel

    Erel Administrator Staff Member Licensed User

    OkHttp currently doesn't support client certificates.
     
  5. iCAB

    iCAB Well-Known Member Licensed User

    What are my options with B4A?
     
  6. Erel

    Erel Administrator Staff Member Licensed User

    You will need to create a library for this.
     
  7. iCAB

    iCAB Well-Known Member Licensed User

    That's going to be a problem for me :(

    Thank you
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice