On Thu, Nov 20, 2014 at 11:13 AM, Scott Jackson <daneren2...@gmail.com> wrote:
> No, I am using a custom SSLSocketFactory implementation which accepts Self
> Signed Certs:
> https://github.com/daneren2005/Subsonic/blob/master/src/github/daneren2005/dsub/service/ssl/SSLSocketFactory.java
I hope you are not actually using TrustSelfSignedStrategy in
production, because:
public class TrustSelfSignedStrategy implements TrustStrategy {
public boolean isTrusted(final X509Certificate[] chain, final
String authType)
throws CertificateException {
return true;
}
}
This ends up trusting any and all certificates.
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
---
You received this message because you are subscribed to the Google Groups
"Android Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to android-developers+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
