Re: Issue 21 in android-xmlrpc: Using the library when addressing SSL encrypted sites which have self-signed SSL certificates.

2 views
Skip to first unread message

android...@googlecode.com

unread,
Oct 20, 2010, 7:16:24 AM10/20/10
to android-x...@googlegroups.com

Comment #2 on issue 21 by borszc...@gmail.com: Using the library when
addressing SSL encrypted sites which have self-signed SSL certificates.
http://code.google.com/p/android-xmlrpc/issues/detail?id=21

Any progress with that issue? SSL with self signed cert is quite common
around

android...@googlecode.com

unread,
Nov 19, 2010, 11:21:25 AM11/19/10
to android-x...@googlegroups.com

Comment #3 on issue 21 by j...@sprig.gs: Using the library when addressing
SSL encrypted sites which have self-signed SSL certificates.
http://code.google.com/p/android-xmlrpc/issues/detail?id=21

Sorry borszczuk, it completely slipped from my radar. I've got a bundle of
other changes to update this week. I'll see what I can do.

In the mean time, deubeuliou, are you able to supply a patch for the code
you implemented or added?

android...@googlecode.com

unread,
Nov 19, 2010, 11:25:31 AM11/19/10
to android-x...@googlegroups.com
Updates:
Owner: j...@sprig.gs

Comment #4 on issue 21 by j...@sprig.gs: Using the library when addressing

SSL encrypted sites which have self-signed SSL certificates.
http://code.google.com/p/android-xmlrpc/issues/detail?id=21

(No comment was entered for this change.)

android...@googlecode.com

unread,
Nov 23, 2010, 3:08:53 PM11/23/10
to android-x...@googlegroups.com
Updates:
Labels: -Type-Defect Type-Enhancement

Comment #5 on issue 21 by j...@sprig.gs: Using the library when addressing

SSL encrypted sites which have self-signed SSL certificates.
http://code.google.com/p/android-xmlrpc/issues/detail?id=21

I'm wary of implementing the referred code, as it completely circumvents
any SSL certificate validataion.

Perhaps we can extend the RPCClient class to accommodate this patch?

I'd still be interested in seeing a patch from deubeuliou for what you've
implemented?

android...@googlecode.com

unread,
Nov 23, 2010, 4:08:06 PM11/23/10
to android-x...@googlegroups.com

Comment #6 on issue 21 by deubeuliou: Using the library when addressing SSL
encrypted sites which have self-signed SSL certificates.
http://code.google.com/p/android-xmlrpc/issues/detail?id=21

As I said, I modified the XMLRPCClient class (only the constuctor) as shown
in the attachement (sorry, not a proper patch format ... but it's only 2
lines).
And added the following class to the project :
http://exchangeit.googlecode.com/svn-history/r23/trunk/src/com/byarger/exchangeit/EasySSLSocketFactory.java
but I also did as that comment did :
http://code.google.com/p/android/issues/detail?id=1946#c10 , that is, using
that "TrivialTrustManager". But you don't want that, and I understand it.

My project didn't evolve much since the last time, and it probably never
will, as I lost my android :( (and have for the moment no longer use of
what I was coding)

I cannot help more than that, sorry.

Attachments:
XMLRPCClient.java.patch 414 bytes

android...@googlecode.com

unread,
Sep 14, 2011, 8:22:24 AM9/14/11
to android-x...@googlegroups.com
Updates:
Owner: ---

Comment #7 on issue 21 by j...@sprig.gs: Using the library when addressing

SSL encrypted sites which have self-signed SSL certificates.
http://code.google.com/p/android-xmlrpc/issues/detail?id=21

I'm no longer able to commit time to this project, and as such, I am
removing myself from any tickets I've previously been involved in.

Reply all
Reply to author
Forward
0 new messages