Hi,
I think that the trustAllHosts parameter in FileTransfer is convenient but evil. I propose to add support for self-signed certs to FileTransfer. There does NOT seem to be an open issue for this on Jira: https://issues.apache.org/jira/browse/CB-3576?jql=project%20%3D%20CB%20AND%20text%20~%20self-signed Do you think that this is a good/needed/superfluous effort? Should I create an issue? I created an initial Android implementation here: https://github.com/AxelNennker/cordova-plugin-file-transfer Usage would be as follows: - Add a line like this to www/config.xml <preference name="org.apache.cordova.file-transfer.cacerts" value="cacerts.pem" /> Put the cert into a file and store it into the projects asset directory ignisvulpis@ubuntu:/host/cordova-plugin-file-transfer/phonegap$ ls -l platforms/android/assets/ insgesamt 8 -rwxrwxrwx 1 root root 1310 Dez 10 21:46 cacerts.pem drwxrwxrwx 1 root root 4096 Dez 10 22:51 www ignisvulpis@ubuntu:/host/cordova-plugin-file-transfer/phonegap$ cat platforms/android/assets/cacerts.pem -----BEGIN CERTIFICATE----- MIIDizCCAnOgAwIBAgIJAPh3RC7M50KHMA0GCSqGSIb3DQEBBQUAMFwxCzAJBgNV BAYTAkRFMQ8wDQYDVQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEXMBUGA1UE CgwOVC1MYWJzIE5lbm5rZXIxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xMzEyMTAy MDQyNTFaFw0xNDEyMTAyMDQyNTFaMFwxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZC ZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEXMBUGA1UECgwOVC1MYWJzIE5lbm5rZXIx EjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANmBMf9r86HiavL10WzVpbBt03JY9JUppwY1BZKtjejw9b7tLypgueBAGBSB jpb5KoaIj01xkGMCySK15JNOgwf2U3zbgmt/IBg5Vk3tBxvGr9i2S3wqmJgeXpcb 8mAgkf/93l2/a/anftwIE6XfmWZqy4nxdX+AZ9hKnyfZs2bW1zxzydOlcFH3NB2e LXWFbYOtTt4jrP9VIM4FL1I+q9RVi5zjNLWayLsEpIRtD9h/kZ5A4S+r16XYvzqp vec5oJ+bOEs7kA2FtFzFeZXASxLd+5Zlx0j/uB0J+iY9y0TOWTcePRJV+d8nQB5p rpQ9zBxHiLJmnO+0sn6N1/FnomUCAwEAAaNQME4wHQYDVR0OBBYEFCXon1DQdFzw URRTzdQGWQ2I0abMMB8GA1UdIwQYMBaAFCXon1DQdFzwURRTzdQGWQ2I0abMMAwG A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAM17byCO4c/wiDgLYHywM6jd fsNP8FL+Bm6Itv1s6mNEQELR8XdQJHGB+TU3WAZk8avXNvFzPwpEN3f/QvAQjN7l noXT+rRkRHJKALSZe2AfBDP7WX9ibk5Vnm3PVnQa46f8vbvuxVEUu5e1YKcR1kXe booucDCp1g3vc9K6tbSyKS04CA+ys6pKHpqlxxVqSxe+1Kii3CeBLVcDXYrQvI22 bi7xIMmV5njur+vkJKaHZtM6LuGe0k5Yw881/CBHCf7Vg3iZt8cqXC1OUo4qLV30 0x+alWlFoz9xtiKcfiaQwQL8O3Uip9VoK52XFGbi9yiTqTDuc1zYpHX8V/cbS3U= -----END CERTIFICATE----- ignisvulpis@ubuntu:/host/cordova-plugin-file-transfer/phonegap$ The implementation is here: https://github.com/AxelNennker/cordova-plugin-file-transfer/blob/master/src/android/FileTransfer.java#L100 I have a general question: How does an application programmer (cordova user) specify resources to be added to the project. I think that merges could be a way to do this but this always merges files into the platforms www directory. On Android this is platforms/android/assets/www but I don't want the file there. Cheers Axel
