1

I'm using nanoHttpd on Android to serve files inside the local network. The device's ip address is dynamic.

I setup https with a certificate generated with keytool, which works fine, but results in the nasty certificate warning in Chrome. And after the user proceeds , the "https://" is still marked in red as "Not secure".

In my opinion, this warning irritates users more then the "Not secure" when using http.

So my question is: How can I provide content in the local network securely without irritating users? Is the only possible way using an (external) server with a valid ssl certificate?

Iceman
  • 447
  • 1
  • 4
  • 9
  • If the device's IP address is dynamic then how do users find it? – President James K. Polk Aug 26 '18 at 20:10
  • @JamesKPolk Users see the IP address on the android device, and then connect via a browser in the local network. – Iceman Aug 27 '18 at 05:29
  • I wish I had a good answer but I can't think of any. A not-so-good answer is to install your own homemade root certificate in each user's browser (hard) and dynamically create a new certificate on the Android device every time IP address changes (easy). – President James K. Polk Aug 27 '18 at 13:01
  • @JamesKPolk thank you for your answer. Unfortunately that is not an option, since the users are just normal users which wont be able to install a root certificate neither understand why they should. In the end, for the user it should be the same experience as calling a normal https domain. – Iceman Aug 27 '18 at 13:12

0 Answers0