Self-signed SSL certificate for API?

Question

Self-signed SSL certificate for API?

Closed this issue 5 months ago · 6 comments

BahamutRU commented 5 months ago

Install root certificate in Android Trusted, but https://… in API doesn't work. =(

Answer 1 · 2024-09-15T09:50:42.000Z

Im not certain what this means, https should work. What error is getting logged?

Answer 2 · 2024-09-16T07:01:01.000Z

I don't know. =(
I added certificate into Trusted (Settings->Security), and it's work in browser, but not in app. =(

Answer 3 · 2024-09-16T13:59:03.000Z

For local IP addresses, I dont think https is required. Have you tried just using http?

Answer 4 · 2024-09-16T15:38:34.000Z

But I'm not always at home... But the server is.

Screenshot just example, I was at home at the time.

For public IP address, I prefer https. =)

It would be nice if the program took certificates from Encryption & Credentials self-signed CA storage.

I'm not an android developer, but maybe this will help?

https://developer.android.com/privacy-and-security/security-config?hl=ru#TrustingAdditionalCas

<certificates src=["system" | "user" | "raw resource"]
              overridePins=["true" | "false"] />

"user" for user-added CA certificates

from here: https://stackoverflow.com/a/71535883

Answer 5 · 2024-09-16T16:36:14.000Z

At the moment, I'm not too sure what are the possible security concerns this may raise, for now, i'd suggest using services vpn services such as Tailscale or Zerotier for routing to private networks remotely. Though it is possible to implement, it would require some prebuild configuration which is rather annoying.

I'll update this issue once I've decided on a resolution.

Answer 6 · 2024-09-21T12:44:58.000Z

Pre-release uploaded that should grant the use of user-defined SSL certs. UI on pre-release is a bit buggy.

Feel free to reopen the issue if it doesn't work.