traccar/traccar-client-android

Add disable certificate validation option

AshkanRafiee opened this issue · 3 comments

Is your feature request related to a problem? Please describe.
Traccar server is behind reverse proxy with self-signed certificate. (not using a domain and connect directly with ip)
Traccar android client can not connect to server and there is no option to disable certificate validation and ignore the warnings related to.

Describe the solution you'd like
It would be great to add an option in android client to disable certificate validation and ignore related errors.

I'm pretty sure we discussed this before at some point. I just don't understand the use case of not using a valid certificate.

Thank you for your response @tananaev. I understand that using valid certificates is crucial for secure communication. However, I would like to emphasize the importance of incorporating a feature to disable certificate validation in the Traccar Android client. Here's why:

  1. Testing and Development: During the development phase, working with self-signed certificates is often necessary for quick testing and prototyping. Having the option to disable certificate validation would streamline these processes and save valuable time.
  2. Private Deployments and Local Networks: Many Traccar users deploy the server in closed environments, such as local networks or private deployments. In these cases, self-signed certificates are commonly used. Allowing certificate validation disablement would enable smooth connectivity for these users without the need for additional steps.
  3. Flexibility for Users: By including the option to disable certificate validation, Traccar Android client becomes a more versatile tool that can adapt to a wider range of user scenarios. It grants users the freedom to choose the best approach based on their specific needs and circumstances.

I kindly request you to reconsider adding this feature to the Traccar Android client. It would greatly enhance the application's flexibility and usability, ultimately benefiting a significant portion of your user base.

Additionally, it's worth noting that some users may not want to purchase a domain for their Traccar server and prefer to access it solely through the IP address. In such cases, the ability to disable certificate validation becomes even more relevant, as it allows these users to connect securely without the need for a valid certificate tied to a specific domain.

By accommodating this user preference and providing an option to disable certificate validation, Traccar Android client would cater to a broader audience, meeting their diverse requirements and ensuring a seamless user experience.

If you want to send a pull request, I don't mind, but I don't see a strong argument for us to invest time into this. It's a very rare scenario when it actually makes sense.