delight-im / Android-DDP

[UNMAINTAINED] Meteor's Distributed Data Protocol (DDP) for clients on Android
Apache License 2.0

wss and self signed certificate? #100

Open un-programador opened 8 years ago

un-programador commented 8 years ago

Can I use this framework with a self-signed certificate?

ocram commented 8 years ago

Thanks for your question!

Can you try and see what happens?

I'd expect you'll see a javax.net.ssl.SSLHandshakeException somewhere. From the Android documentation:

This can happen for several reasons, including:

  1. The CA that issued the server certificate was unknown
  2. The server certificate wasn't signed by a CA, but was self signed
  3. The server configuration is missing an intermediate CA

[...] In this case, the SSLHandshakeException occurs because you have a CA that isn't trusted by the system. It could be because you have a certificate from a new CA that isn't yet trusted by Android or your app is running on an older version without the CA. More often a CA is unknown because it isn't a public CA, but a private one issued by an organization such as a government, corporation, or education institution for their own use.

[...] A TrustManager is what the system uses to validate certificates from the server and—by creating one from a KeyStore with one or more CAs—those will be the only CAs trusted by that TrustManager.

-- https://developer.android.com/training/articles/security-ssl.html#CommonProblems

In TubeSock, which is the WebSocket library that we use, there is an open pull request that adds support for a custom TrustManager: https://github.com/firebase/TubeSock/pull/8

As can be seen, this can be implemented with changes in just a few lines.

Does this help?
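The TrustManager-from-KeyStore approach quoted above, as an added example that is not part of the original thread and is not code from Android-DDP or TubeSock. The class and method names are hypothetical, and `caInput` is assumed to be a stream over the server's self-signed certificate (or private CA) exported as PEM or DER; how the resulting factory is handed to the WebSocket library depends on the pull request linked above and is not shown.

```java
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

/** Added example (hypothetical class name), not part of Android-DDP or TubeSock. */
public final class PinnedCaSockets {
    /** Builds a socket factory that trusts only the certificates in caInput (PEM or DER). */
    public static SSLSocketFactory factoryTrusting(InputStream caInput)
            throws GeneralSecurityException, IOException {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null); // start from an empty in-memory store
        int i = 0;
        for (Certificate ca : cf.generateCertificates(caInput)) {
            keyStore.setCertificateEntry("ca" + i++, ca);
        }
        if (i == 0) {
            throw new GeneralSecurityException("no certificates found in input");
        }
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(keyStore); // system CAs are NOT included: only the entries added above
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, tmf.getTrustManagers(), null);
        return context.getSocketFactory();
    }

    /** Opens a TLS socket and verifies the hostname, which a raw SSLSocket does not do itself. */
    public static SSLSocket connect(SSLSocketFactory factory, String host, int port)
            throws IOException {
        SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
        socket.startHandshake();
        HostnameVerifier verifier = HttpsURLConnection.getDefaultHostnameVerifier();
        if (!verifier.verify(host, socket.getSession())) {
            socket.close();
            throw new SSLPeerUnverifiedException("certificate does not match host " + host);
        }
        return socket;
    }
}
```

Certificate validation stays fully enabled here: the chain must lead to one of the loaded certificates, and the certificate's name must still match the host being connected to.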

musriabhijit commented 7 years ago

com.firebase.tubesock.WebSocketException: error while creating secure socket to wss://tailmaters-dev.meteorapp.com/websocket javax.net.ssl.SSLException: hostname in certificate didn't match: != OR with

I am getting this exception. It happens with API levels below 23 and works fine with versions above that. I don't know the exact reason, so help me with this.

ocram commented 7 years ago

There is some news in https://github.com/delight-im/Android-DDP/issues/101

ocram commented 7 years ago

Now that https://github.com/delight-im/Android-DDP/commit/c4d72267c5c0a9abe7931cc9c4b1255d8c909da9 has arrived, adding support for self-signed certificates should be much simpler.