Open GrmpCerber opened 8 years ago
I would like to know how many people use this since this could take quite a lot of time to get this implemented. For instance, I'd have to change my server to use TLS. It took quite some time to get self signed certificates working so my guess this wouldn't be any different.
I'm ready to help ;) (after all I used to be a core java developper in another life, yet, I'm not "Android fluent" ;) )
I was able to track this down to the null
param in this line, but from my experience, this means it should use the default KeyManager which it does not here.
It's failing with a SslHandshake exception with a cryptic hex string and I'm not presented with a "choose your certificate" popup.
Is there a way to get the full stack trace ?
I've been reading up on mutual authentication but it's very specific and you'd have to be quite knowledgeable to have this implemented in both your phone and server. I'll think about it though.
Client authentication with X509 certificate would be great to secure access to domoticz. Server side setup is already explained on domoticz's wiki: https://www.domoticz.com/wiki/Secure_Nginx_Proxy_Setup
@GwennG Server side is already implemented and working.
It would be nice if the client was able to execute a TLS mutual authentication (with an X509 certificate), thus enhancing server security. (HTML client via Chrome is dealing fine with it)