Accept self signed SSL certificates to be able to sync securely with Rainy
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
Tomdroid | Status tracked in Stable | |||||
Beta |
Fix Released
|
High
|
Unassigned | |||
Stable |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
We need to accept self signed SSL certificates to be able to sync securely with Rainy.
Ideally it would look like this:
On authentification (and on any other sync, the certificate could change...) we should catch the ssl exception,
extract the certificate and show it to the user.
If the user agrees, we will store the certificate and use it.
For a quick fix we could just accept all certificates. There is of course the chance of a man in the middle attack in this case.
further reading:
http://
http://
http://
description: | updated |
Changed in tomdroid: | |
status: | Fix Committed → Fix Released |
Added the quick hack and will report a new bug for the proper one!