Android Question HTTP client and Certificates


Does the server expect a client certificate? Or is the server certificate not trusted?
  • The client is supposed to request a certificate from the server.
  • The server replies with two certificates.
This is what the spec says:
"Once the client receives a response from the server, the certificates (certificate1 and certificate2), in base64 format, must be retrieved and recorded in a certificate file. Lastly, the certificates must be securely installed and stored in the client's device"
Certificate1: contains the digital certificate with the server's public key.
Certificate2: contains the client's digital certificate

Two things here:
  • Where do we install the certificates in the device and how?
  • How do we guarantee that the HTTP client is actually loading and using the proper certificate when communicating with the server?
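
One way to approach the second point, as an added example that is not code from this thread: build a trust store that contains only certificate1, hand it to the HTTPS connection, and after the handshake check that the server presented exactly that certificate. It assumes certificate1 is the server's own (leaf) certificate delivered as bare base64 DER; the class and method names are hypothetical, and `java.util.Base64` needs Android API 26 or later. Certificate2 is not handled here, because presenting a client certificate also requires its matching private key, and the thread does not say where that key is held.

```java
import java.io.ByteArrayInputStream;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Base64;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.TrustManagerFactory;

public class PinnedClient {
    // Decode one base64 (DER) certificate as recorded from the server's response.
    static X509Certificate parse(String b64) throws Exception {
        byte[] der = Base64.getMimeDecoder().decode(b64); // tolerates line breaks
        return (X509Certificate) CertificateFactory.getInstance("X.509")
                .generateCertificate(new ByteArrayInputStream(der));
    }

    // TLS context whose only trusted certificate is certificate1.
    static SSLContext contextTrusting(X509Certificate pinned) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, null);                       // empty in-memory store
        ks.setCertificateEntry("server", pinned);
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx;
    }

    // Connect, then confirm the peer's leaf certificate is the recorded one.
    static HttpsURLConnection open(String url, X509Certificate pinned) throws Exception {
        HttpsURLConnection conn = (HttpsURLConnection) new URL(url).openConnection();
        conn.setSSLSocketFactory(contextTrusting(pinned).getSocketFactory());
        conn.connect();
        if (!conn.getServerCertificates()[0].equals(pinned)) {
            conn.disconnect();
            throw new SSLPeerUnverifiedException("server certificate does not match certificate1");
        }
        return conn;
    }
    // args[0]: file holding certificate1 in base64, args[1]: https URL to call
    public static void main(String[] args) throws Exception {
        X509Certificate pinned = parse(new String(Files.readAllBytes(Paths.get(args[0])), "US-ASCII"));
        System.out.println(open(args[1], pinned).getResponseCode());
    }
}
```

With this context the handshake fails for any server whose chain does not lead to the recorded certificate, so a successful response is itself evidence that the intended certificate was loaded and used.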
