Android WSS Trust

[Erhannis]

Concerning making WSS connections on Android:
I've discovered that by using a modified piece of SSLClientExample.java, you can just use the device's default trust managers. If, before calling connect(), you insert these 4 lines:

SSLContext sslContext = null;
sslContext = SSLContext.getInstance( "TLS" );
sslContext.init(null, null, null);
mClient.setWebSocketFactory(
new DefaultSSLWebSocketClientFactory(sslContext));

then connect() apparently uses the certificate managers you'd expect, which it doesn't seem to do, otherwise. Seems like this is an easy fix that should be mentioned somewhere, like in the "WSS" section of the readme.

[Davidiusdadi]

sorry for my late response and thank you very much for the info.

Your code sample will not work on ALL android platforms though so i would like to know which android version you are talking about.

[Erhannis]

Ah; would you happen to be referring to the InvalidKeyException (the bug in Cipher.java, etc) I learned about the other day? Yeah, it turns out that the above code only seems to work on android SDK version 16 and above, because of that. Except that my phone was working fine, and it's 2.something. In any case, yes, I did discover that. How difficult do you think it would be, by the way, to implement things with SSLSockets instead of SSLEngines?

(also, a note: in Draft_76.java, on line 133, using !...isEmpty() rather than .length() > 0 is the only thing in the library that is noticeably incompatible with Android SDK 8; you might consider changing it.)

[Erhannis]

Oh, I just noticed your post. Oops. However, it seems to link to a different issue than I was thinking. I was thinking of:
#184
(though I think the one you linked also links to 184.)
I recently tested the code I posted (up top) on the emulators for SDK versions 8 through 17, and they all SEEMED to have the same problem (Cipher.java bug) - however, since it just closes the connection rather than display the error, it's possible some of them gave a different error. All the ones I thoroughly debugged were having errors related to Cipher.java, though.

[marci4]

Hello @Erhannis,

you may wanna check out this example here.

Greetings
marci4