You're welcome, you may also want this if you plan on targeting
devices with Android prior to 2.2
Add this line before you start initializing anything (this bug is
documented in the forum but not easy to find, otherwise you see that
every other response will not be returned properly, it doesn't hurt to
leave it for all versions):
System.setProperty("http.keepAlive", "false");
On Aug 30, 1:49 am, Ajay <aja...@gmail.com> wrote:
> Thanks a lot. This worked!!
>
> I had to change my implementation to use HttpsURLConnection, and could
> not keep my earlier implementation using DefaultHttpClient. Well, I
> think as long as it works, it should not make any difference I guess.
>
> Thank you,
> AJ
>
> On Aug 25, 6:02 pm, gcstang <gcst...@gmail.com> wrote:
>
> > See my post here :
>
> >http://groups.google.com/group/android-developers/browse_thread/threa...
>
> > On Aug 24, 2:48 am,Ajay<aja...@gmail.com> wrote:
>
> > > Hi,
>
> > > Since my app is going to access our own servers, I think I can use the
> > > hack of trusting all certificates. I tried the following & still
> > > fails :-(
>
> > > SchemeRegistry schemeRegistry = new SchemeRegistry();
> > > SSLSocketFactory sslSocketFactory =
> > > SSLSocketFactory.getSocketFactory();
>
> > > sslSocketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
> > > schemeRegistry.register(new Scheme("https", sslSocketFactory, 443));
>
> > > ClientConnectionManager manager = new
> > > ThreadSafeClientConnManager(httpParam, schemeRegistry);
> > > DefaultHttpClient client = new DefaultHttpClient(manager, httpParam);
>
> > > Thank you,
> > > AJ
>
> > > On Aug 22, 12:10 am, Bob Kerns <r...@acm.org> wrote:
>
> > > > The CA root certificates have very long expiration dates, so this is
> > > > much less of a problem than you may assume.
>
> > > > It's still an issue -- CA certs could possibly be revoked in the event
> > > > of a vulnerability or theft. But those are relatively remote
> > > > possibilities, beyond what most phone apps would need to consider.
>
> > > > On Aug 21, 9:16 am, DanH <danhi...@ieee.org> wrote:
>
> > > > > The current cert may only be good for another 6-12 months. And if the
> > > > > site isn't directly under the control of the app developer, the cert
> > > > > may change at any time, and may even be changed to use a different
> > > > > root.
>
> > > > > There's probably no good solution to this problem, but the best I can
> > > > > think of is to embed another app in your app that simply installs the
> > > > > necessary cert(s), then have a way for that app to be updated as
> > > > > needed.
>
> > > > > On Aug 21, 7:09šam, Kostya Vasilyev <kmans...@gmail.com> wrote:
>
> > > > > > Right, it does. If the site in question is part of the phone
> > > > > > application's
> > > > > > infrastructure, I personally would find it acceptable.
>
> > > > > > --
> > > > > > Kostya Vasilyev --http://kmansoft.wordpress.com
>
> > > > > > 21.08.2010 16:06 ÐÏÌØÚÏ×ÁÔÅÌØ "DanH" <danhi...@ieee.org> ÎÁÐÉÓÁÌ:
>
> > > > > > That assumes that the web site's cert won't change for the life of
> > > > > > the
> > > > > > app.
>
> > > > > > On Aug 21, 3:18 am, Kostya Vasilyev <kmans...@gmail.com> wrote:
>
> > > > > > > šAjay,
>
> > > > > > > A more cryptographically correct solution would be to install the
> > > > > > > missing Óertfiicate pieces wit...
> > > > > > > > On Fri, Aug 20, 2010 at 8:46 PM, Kostya Vasilyev
> > > > > > > > <kmans...@gmail.com
> > > > > > > > <mailto:kmans...@gmail....
> > > > > > > > š š You being able to open the site in desktop browser and on a
> > > > > > > > š š Blackberry seems to impl...
>
> > > > > >http://groups.google.com/group/android-developers/browse_thread/threa...
>
> > > > > > > > š š This is a hack to accept all certificates.
>
> > > > > > > > š š -- Kostya
>
> > > > > > > > š š 20.08.2010 16:07,...
> > > > > > > > š š š š using the following
> > > > > > > > site:http://www.digicert.com/helpandittold
> > > > > > > > š š š š that it was installed properly on the server.
>
> > > > > > > > š š š š On Aug 20, 4:39 pm, Kostya V...
> > > > > > > > š š š š <mailto:kmans...@gmail.com>> šwrote:
>
> > > > > > > > š š š š š š šAjay,
>
> > > > > > > > š š š š š š This can happen because the certificate is not
> > > > > > > > signed by...
> > > > > > > > š š <mailto:android-developers@googlegroups.com>
> > > > > > > > š š To unsubscribe from this group, send email to
> > > > > > > > š š android-developers+unsubscr...@googleg...
> > > > > > > > š š
> > > > > > > > <mailto:android-developers%2bunsubscr...@googlegroups.com<android-developer
> > > > > > > > s%252bunsubscr...@googlegroups.com>
>
> > > > > > > > š š For more options, visit this group at
> > > > > > > > š šhttp://groups.google.com/group/android-develope...
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
