self-signed certificates

[pcause]

Can you add an option to set up of the app to ignore the error for self-signed certificate. Yes, I also asked for this in the main app, but I know you can do this for android apps as I have other apps that do this. I understand the security issue so perhaps warn the used when they select to do this.

[jkurei]

I'm running into the same issue. I installed my self-signed cert on my phone but for some reason the app doesn't use it.

May be there is no need to fix this with code if there is some way to make it use it...

[jkurei]

I couldn't make it work with my self-signed cert. I switched to a Let's Encrypt cert and it didn't work either.

I've fixed this issue by putting the OkHttp3 client in a wrapper with a custom trust provider. I've also modified the Settings page by adding three options:

• use the default certs, adding the let's encrypt one just in case;
• use a custom cert, with an option to paste your .pem, specially intended for self-signed certs;
• and finally, just for testing, an option to trust all certs (shows a warning).

@zadam I can send you a PR, if you think some of this has value. The changes are in this commit, but because I am not used to android development I modified a lot of unrelated files. The relevant ones:

• CustomTrust, a poorly named wrapper on okhttp3: (in Java because it's what I know best, but I can convert it to kotlin easily.

• Login activity and its layout, where i've added the new fields.

I love Trillium and I really like some of the changes you've been doing since I last used it; this simple app is also a great extra. Thanks a lot for your work!

[zadam]

@jkurei looks good, send a PR ;-)