Skip to content

bitfireAT/cert4android

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

189 Commits

.github/workflows

.github/workflows

 
 

.tx

.tx

 
 

gradle

gradle

 
 

lib

lib

 
 

sample-app

sample-app

 
 

.gitignore

.gitignore

 
 

AUTHORS

AUTHORS

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

build.gradle.kts

build.gradle.kts

 
 

gradle.properties

gradle.properties

 
 

gradlew

gradlew

 
 

gradlew.bat

gradlew.bat

 
 

jitpack.yml

jitpack.yml

 
 

run-tests.sh

run-tests.sh

 
 

settings.gradle

settings.gradle

 
 

Repository files navigation

License Tests KDoc Latest Version

cert4android

cert4android is a library for Android to manage custom certificates which has been developed for DAVx⁵. Feel free to use it in your own open-source app.

This software is not affiliated to, nor has it been authorized, sponsored or otherwise approved by Google LLC. Android is a trademark of Google LLC.

Generated KDoc: https://bitfireat.github.io/cert4android/

For questions, suggestions etc. use Github discussions. We're happy about contributions! In case of bigger changes, please let us know in the discussions before. Then make the changes in your own repository and send a pull request.

Features

  • uses a service to manage custom certificates
  • supports multiple threads and multiple processes (for instance, if you have an UI and a separate :sync process which should share the certificate information)

How to use

  1. Add the jitpack.io repository to your project's level build.gradle: 
    allprojects {
    repositories {
        // ... more repos
        maven { url "https://jitpack.io" }
    }
}
    or if you are using settings.gradle: 
    dependencyResolutionManagement {
    repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
    repositories {
        // ... more repos
        maven { url "https://jitpack.io" }
    }
}
  2. Add the dependency to your module's build.gradle file: 
    dependencies {
   implementation 'com.github.bitfireAT:cert4android:<version>'
}
  3. Create an instance of CustomCertManager (Context is required to connect to the CustomCertService, which manages the custom certificates).
  4. Use this instance as X509TrustManager in your calls (for instance, when setting up your HTTP client). Don't forget to get and use the hostnameVerifier(), too.
  5. Close the instance when it's not required anymore (will disconnect from the CustomCertService, thus allowing it to be destroyed).

Example of initialzing an okhttp client:

val keyManager = ...
CustomCertManager(...).use { trustManager ->
    val sslContext = SSLContext.getInstance("TLS")
    sslContext.init(
        if (keyManager != null) arrayOf(keyManager) else null,
        arrayOf(trustManager),
        null
    )
    val builder = OkHttpClient.Builder()
    builder.sslSocketFactory(sslContext.socketFactory, trustManager)
           .hostnameVerifier(hostnameVerifier)
    val httpClient = builder.build()
    // use httpClient
}

You can overwrite resources when you want, just have a look at the res/strings directory. Especially certificate_notification_connection_security and trust_certificate_unknown_certificate_found should contain your app name.

License

Copyright (C) Ricki Hirner and contributors.

This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under the conditions of the GNU GPL v3.

About

Android service + TrustManager for managing custom certificates in an app-private key store

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

15 stars

Watchers

6 watching

Forks

6 forks
Report repository

Contributors 3

  •  
  •  
  •  

Languages