luelista
commented
10 years ago Hi, I still don't see/understand how to do this on Android natively, it seems to be a all or nothing thing - either accept all certs, or only the official CA approved ones. I just had a look at Onionkit, looks pretty good, except they apparently removed the certificate stuff for security reasons(?).
Connecting to a site with a self-signed certificate simply fails, but also silently resets the protocol button to http. You might want to use the Guardian Project's OnionKit library to handle SSL, allowing the user more control over which certificates they trust: https://github.com/guardianproject/OnionKit