CappielloAntonio / tempo

An open source and lightweight music client for Subsonic, designed and built natively for Android.
GNU General Public License v3.0

[Feature Request] - Trust user self-signed CA certificates #103

Closed KalyaSc closed 8 months ago

KalyaSc commented 10 months ago

First of all, thank you for your time/effort and investment in building your application ! It's awesome !!

I managed to open the app with my self-signed certificate by recompiling the app with the following instructions:

https://stackoverflow.com/a/71542188

While it works great, it would feel more "legit" if tempo would natively accept user's certificate:

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <base-config cleartextTrafficPermitted="false">
        <trust-anchors>
            <certificates src="user"/>
            <certificates src="system"/>
        </trust-anchors>
    </base-config>
</network-security-config>

I'm not a developer, nor in any way involved in devops or Android security, so I have no idea if this is the correct way of doing things, but that "workaround" works on my android a71 with a user trusted rootCA.

OUT OF CONTEXT First time Android Studio user... It felt like being a pilot in a cockpit without a flying licence xD Respect to all developers !

CappielloAntonio commented 10 months ago

Hi @KalyaSc, I'm about to release a new version with the changes you suggested. Once you have installed the CA on the device, can you try the app signed in release mode? This is a new topic for me that I have never dealt with, so I would like to do some testing.

KalyaSc commented 9 months ago

Hi @CappielloAntonio !

I just removed your app from my android and reinstalled your new version, and it still doesn't work.

java.security.cert.CertPathValidatorException: Trust anchor for certification... 

The error is cropped so I can't pass the whole error thrown at me and I have no idea how to log everything on Android :|. I will test the recompiling I did last time to see if it works, I'll keep in touch !

PS: If it's something that could cause some instability or security issues, please don't take your time to somehow fiddle your app for my special needs. We shouldn't mess security over convenience ! And self-signed certificate is somehow a niche audience :) !

Edit: Sorry I'm also new to github, I closed as completed :|

KalyaSc commented 9 months ago

Here are my findings !

If I recompile the app myself with your native source package, it works. Probably because when I repack it myself (without changing anything) with Android Studio it's in debug mode. That's what the file name suggests.

Android Studio -> Build -> Build bundle/APK(s) -> Build APK(s) => app-notquitemy-debug.apk

I'm searching the web for what could be the culprit or even how to fix it, but don't put too much work into solving that issue :) In the meantime I could just recompile it myself every time a new version is out, until you find the time to solve that specific issue!

Thanks again !

Edit: @CappielloAntonio

Is there a specific reason why you put the user source in debug overrides? Because as it suggests, the user certificates will only work with an app in debug mode.

    <debug-overrides cleartextTrafficPermitted="true">
        <trust-anchors>
            <certificates src="user" />
        </trust-anchors>
    </debug-overrides>

After recompiling the app with the build variant tempoRelease, and building it with a signed APK with the following network_security_config.xml:

<network-security-config>
    <base-config cleartextTrafficPermitted="true">
        <trust-anchors>
            <certificates src="system" />
            <certificates src="user" />
        </trust-anchors>
    </base-config>
</network-security-config>

It works :)! What are your thoughts on this?
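
Added example (not part of the original thread or the Tempo code base): a small Python audit of a `network_security_config.xml` that reports which CA stores a release build and a debuggable build end up trusting, run on constructed copies of the two configurations quoted above. It looks only at `base-config` and `debug-overrides` (no `domain-config`) and assumes targetSdkVersion 24 or higher, where the platform default is system CAs only.

```python
import xml.etree.ElementTree as ET

# Constructed samples mirroring the two configurations quoted in this thread.
DEBUG_ONLY = """<network-security-config>
  <debug-overrides cleartextTrafficPermitted="true">
    <trust-anchors><certificates src="user" /></trust-anchors>
  </debug-overrides>
</network-security-config>"""

BASE_CONFIG = """<network-security-config>
  <base-config cleartextTrafficPermitted="true">
    <trust-anchors>
      <certificates src="system" />
      <certificates src="user" />
    </trust-anchors>
  </base-config>
</network-security-config>"""


def anchor_sources(elem):
    """Return the src values under elem's <trust-anchors>, or None if not declared."""
    anchors = elem.find("trust-anchors") if elem is not None else None
    if anchors is None:
        return None
    return {c.get("src") for c in anchors.findall("certificates")}


def audit(xml_text):
    """Report which CA stores a release and a debuggable build would trust."""
    root = ET.fromstring(xml_text)
    base = root.find("base-config")
    release = anchor_sources(base)
    if release is None:
        # Assumption: targetSdkVersion >= 24, where the default is system CAs only.
        release = {"system"}
    # debug-overrides anchors are added on top, only when android:debuggable is true.
    debug = release | (anchor_sources(root.find("debug-overrides")) or set())
    findings = []
    if "user" in debug - release:
        findings.append("user CAs trusted in debug builds only")
    if base is not None and base.get("cleartextTrafficPermitted") == "true":
        findings.append("base-config permits cleartext HTTP")
    return {"release": release, "debug": debug, "findings": findings}


if __name__ == "__main__":
    for name, xml in (("debug-only", DEBUG_ONLY), ("base-config", BASE_CONFIG)):
        print(name, audit(xml))
```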

CappielloAntonio commented 9 months ago

Hi @KalyaSc, your help was invaluable, thanks so much! As I said in the previous comment, it is a totally new situation for me which personally does not bother me. But whether it's a niche situation or not, it doesn't matter, I would like it not to be a factor that leaves anyone behind.

Regarding your question: I think it was an oversight or too much faith placed in Android Studio's suggestions (for security reasons).

Anyway it should work now and it is coming in the next release!

KalyaSc commented 8 months ago

Heyha ! Thank you for your kind words !

I'm a bit late sorry, end of year and everything (BTW happy new year 👯 ). Your app worked wonderfully with the recompiled apk on new year's 💯 thank you ! I just installed the new version and I'm happy to say it works :)

Side note, I dug around a bit and read that the "most" secure way ? to use a self-signed certificate was certificate pinning. BUT after looking at the Bitwarden android apk, which is supposed to be secure, I found that they also use <certificates src="user" /> in their network_security_config.xml 👏 .