Questions tagged [x509trustmanager]

43 questions
0 votes, 0 answers

Your app is using an unsafe implementation of the X509TrustManager interface with an Apache HTTP client, resulting in a security vulnerability

I had a code which app can access https, just like this: public class HttpsTrustManager implements X509TrustManager { private static TrustManager[] trustManagers; private static final X509Certificate[] _AcceptedIssuers = new…
0 votes, 1 answer

Security implications of trusting all client certificates on a server (Java X509TrustManager)

A custom "empty" X509TrustManager implementation (i.e. one that trusts all certificates, such as this answer: https://stackoverflow.com/a/54358567 or "option 2" in this answer: https://stackoverflow.com/a/2893932) is often recommended on this site…
0 votes, 1 answer

App was rejected for violating our Malicious Behavior or User Data policy and software that contains security vulnerabilities

I have updated the app and it got rejected by play store saying "We rejected Your App, with package name XYZ, for violating our Malicious Behavior or User Data policy. If you submitted an update, the previous version of your app is still available…
0 votes, 1 answer

Vulnerability issue with Android app. X509 implementation

Recently started receiving email notifications from Google regarding my Android app suggesting below To properly handle SSL certificate validation, change your code in the checkServerTrusted method of your custom X509TrustManager interface to raise…
0 votes, 0 answers

What is the problem with this implementation of X509TrustManager?

I have two apps in the PlayStore, both have the same implementation of the X509TrustManager but one keeps being flagged as having an 'insecure implementation', but the code is identical... I would appreciate some help/tips on how this can be…
Edward Tattsyrup
0 votes, 0 answers

What all parameters are validated in checkServerTrusted method of X509TrustManager?

I am writing code to verify the server certificate chain at client side using X509TrustManager implementation. Does the checkServerTrusted method validate algorithm, issuers etc. of the remote certificates? I have written the complete…
Deepak Pareek
0 votes, 0 answers

Override default X509TrustManager in SpringBoot

I am trying to use my DummyX509TrustManager with Springboot. In order to do that I write the following class: @Configuration public class DummyComponent { @PostConstruct public void sslContextConfiguration() { try { SSLContext…
rocky
0 votes, 1 answer

Finding if a SSL certificate is Signed

I am new to Android. I have written code for iOS and want similar algo in Android. Here is the scene. I have 2 types of servers- 1. with self signed cert 2. with signed cert. Now in iOS I use following steps to decide whether it is signed or…
Durgaprasad
0 votes, 0 answers

Use X509TrustManager for SSL in android

I simply update gradle and some version of the app and the app is rejected by Google. I am calling SOAP services using ksop library. Email by Google We rejected your app, with package name blah.blah.blah, for violating our Malicious Behavior or…
0 votes, 0 answers

Will the username and password be sent over the internet in plain text?

I am using this snippet to authenticate with a https & htpasswd protected server: Authenticator.setDefault(object : Authenticator() { override fun getPasswordAuthentication(): PasswordAuthentication { return…
0 votes, 2 answers

Can not configure AhcWSClient in Akka-http 10.10 to AcceptAnyCertificate

I'd like to get a suggestion how to configure AhcWSClient in Akka-http 10.10 to AcceptAnyCertificate. It seems either akka-http ignores this setting or overwrites it somewhere. Here is the config: val config = new…
0 votes, 0 answers

Android Private Certificate in Rest Service

My App works with many Restservices with different Certificates. I open a HttpsURLConnection and that's working fine. But now 3 Servicepoints have a private root CA, so I get a Trust anchor for certification path not found Error in my App. How can…
Metti
0 votes, 0 answers

Best way to implement a custom X509TrustManager to validate cert OR provided thumbprint

Fairly new to Java security, am trying to write custom X509TrustManager to verify that when I connect to a server, it either has a trusted cert chain (from a truststore I have configured), OR, if not, then that the certificate it presents has one of…
sp2