Feature #2541
support HTTPS in kerplapp repos
| Status: | Closed | Start date: | 11/19/2013 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | pd0x | % Done: | 0% | |
| Category: | - | |||
| Target version: | 0.1 - "Kerplapp" | |||
| Component: |
Description
implement HTTPS connections in kerplapp
Looks like the existing nanohttpd SSL implementation is pretty limited:
http://stackoverflow.com/questions/9358424/java-ssl-chrome-firefox-sends-g-in-http-header-instead-of-get-http-1-1
Related issues
Associated revisions
Initial Kerplapp SSL repo support.
Lots of work left to be done. Presently generates a new KeyStore with a self
signed cert for each installation. Hardcoded passphrase. All very nasty and
initial, but it works! Requires patched NanoHTTPD.
refs #2541
Refactored SSL, updated crypto to modern BouncyCastle API.
Got rid of the Crypto shell class and extended the SimpleHTTPD class included in
NanoHTTPD to setup SSL automatically. The old deprecated crypto code has been
torn out. I'm reasonably confident I'm using the correct/up to date BouncyCastle
API and following best practices. The error handling definitely needs
improvement.
refs issue #2541
History
#1 Updated by pd0x about 4 years ago
F-Droid client will need to be modified. Presently hard-fails on self-signed HTTPS. See Issue #2542
#2 Updated by hans about 4 years ago
- Status changed from New to Closed