I am calling the web service from my android client via https. I have to check the receipt of the certificate from the server side. How can I do it? This is currently my code that I use to call the web service.
private static String SendPost(String url, ArrayList<NameValuePair> pairs) { // url = "https://....." errorMessage = ""; String response = ""; DefaultHttpClient hc=new DefaultHttpClient(); ResponseHandler <String> res=new BasicResponseHandler(); HttpPost postMethod=new HttpPost(url); try { postMethod.setEntity(new UrlEncodedFormEntity(pairs)); response = hc.execute(postMethod, res); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } catch (ClientProtocolException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } return response; }
How to verify the authenticity of a self-signed certificate received from a server at runtime Post? I need to test using public / private keys. The client will have a CA file. It is just necessary for the client to verify the server certificate using CA, the service is publicly available. This is due to the public / private key. How can I get a certificate from the server before calling the message?
These are a few options and code snippets available in stackoverflow. A few links I found with several answers: Accepting a certificate for HTTP on Android HTTPS GET (SSL) with Android and a self-signed server certificate
But I canβt understand what is good / applicable for me! I do not want to disable everything or accept any. It is necessary to check the public / private keys /
Any help is greatly appreciated.
android certificate ssl web-services
Tvd
source share