On Tue, Jul 1, 2014 at 1:36 PM, 'Brian Carlstrom' via Android Security Discussions <[email protected]> wrote: > I sketched out some sample code. These aren't Android specific APIs. > You call an X509TrustManager, you don't write one. You get one from a > TrustManagerFactory. you need to provide the intermediate CA along > with the server cert, it just does come up with that out of thin air. :) +1.
That's a PKI and SSL/TLS best practice. See https://owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet#Rule_-_Always_Provide_All_Needed_Certificates. Jeff -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/d/optout.
