Add support for self signed certificates

[koush]

Need support for custom SSL Context and TrustManagers for use during SSL handshaking.

[koush]

Fixed with:

Ion.getDefault(getContext()).getHttpClient().getSSLSocketMiddleware().setTrustManagers(...);
Ion.getDefault(getContext()).getHttpClient().getSSLSocketMiddleware().setSSLContext(...);

Fix was in AndroidAsync:
koush/AndroidAsync@968638d

[koush]

This test case is also a good sample:

koush/AndroidAsync@968638d#L6R1

[yolapop]

Excuse me for asking,
this implementation is basically like "trust all incoming certificate" and not some specific certificate, right?

[koush]

It's an implementation to trust a specific cert.

[yolapop]

But it doesn't load a specific CA from file, or somewhere, like in here https://developer.android.com/training/articles/security-ssl.html#UnknownCa, so how does it trust from specific cert?

[koush]

It does exactly that:

koush/AndroidAsync@968638d#diff-f1b421e2e337ad983791aaef62f7de28R33

See the bit where it sets up it's own trust manager and loads a self signed cert.

[yolapop]

Oh, shit. I realized that I misread second comment (or first) this whole time.
Thank you for clarification, Koush.

[rvanzon]

Is there maybe a simple example showing how to use this when using Ion to connect to a RESTful server using self signed certificates?

[ghost]

As Ion.with(...) uses a new HttpClient for each call - how can we set a trustManager to be used for all Ion requests?

[anti43]

EDIT
@mannaz I got Ion.with to work like this:

    Ion ion = Ion.getDefault(c);
    ion.configure().createSSLContext("TLS");
    ion.getHttpClient().getSSLSocketMiddleware().setSSLContext(sslContext);
    ion.getHttpClient().getSSLSocketMiddleware().setTrustManagers(trustManagers);

( Ion.getDefault(c) is used in Ion.with{})

[koush]

ion uses the same http client every call.

[anti43]

@koush yes, but as the examples setup

AsyncHttpClient.getDefaultInstance()

and Ion.getDefault(c) is on

new AsyncHttpClient(new AsyncServer("ion-" + name));

the example code does not match the usage of Ion.with ..
That was what was confusing here I guess.

[koush]

ion.with calls into ion.getDefault.

[koush]

oh, you were assuming that ion uses the default asynchttpclient. nah, it has it's own.

[HughJeffner]

Is there a reason .setTrustManagers(...) must be called as well? I thought the SSLContext is initialized with a set of trust managers, this seems like a duplication of effort.

[ibnux]

i use Cloudflare Free SSL and getting Error
this is how i resolve it https://gist.github.com/ibnux/4bf68e16e1228b6568a349c583d1cd32

[muhammad-naderi]

for future reference : https://gist.github.com/muhammad-naderi/fad2c163ac61e0b7282209c07f5dadf5