Giving a debug certificate in the network_security_config.xml does not work. This only reveals itself on API < 24, as the certificate is read by TrustKit and not the Android system, but the parsing fails in all cases.
When debugging the Trustkit initialization, the TrustKitConfigurationParser#readDebugOverrides line String caPathFromUser = parser.getAttributeValue(null, "src").trim();
returns @2131558400 instead of the expected @raw/certificate.
This is probably because aapt converts all the references instead of keeping raw strings.
As a result, the parser skips this resource, because it does not start with @raw.
To Reproduce
Use the network file with a certificate on API <24, it will not be read and thus not used in subsequent HTTP calls.
App details:
App target SDK: 19
App language: Kotlin
Android version to reproduce the bug: Android Marshmallow (23), Android Pie (28)
Giving a debug certificate in the
network_security_config.xml
does not work. This only reveals itself on API < 24, as the certificate is read by TrustKit and not the Android system, but the parsing fails in all cases.When debugging the Trustkit initialization, the TrustKitConfigurationParser#readDebugOverrides line
String caPathFromUser = parser.getAttributeValue(null, "src").trim();
returns@2131558400
instead of the expected@raw/certificate
.This is probably because
aapt
converts all the references instead of keeping raw strings.As a result, the parser skips this resource, because it does not start with
@raw
.To Reproduce Use the network file with a certificate on API <24, it will not be read and thus not used in subsequent HTTP calls.
App details: