Pin not require after importing SSL cert?



  • Just curious why my android phone require security pin since importing self signed cert however my new android tablet does not require pin to be entered, nor do I get the message about 3rd party monitoring. Any ideas?


  • developer

    Please provide more details. Did you import the certificate manually/using CAdroid, or did you just accept the certificate in DAVdroid?



  • Well this is weird. I don't use CAdroid. I place SSL cert in webserver root. Navigate to it via web browser, then download and add to trusted credentials. This is how I have always performed this on my phone since initially I believe some time ago CAdroid did not like self signed certificates.
    I do not see the cert in my user trusted credentials on the tablet. I don't believe I set this connection up via http, but cannot see how to check short of removing the account. Let me know if there is a way to check if this connection (account) web address without removing account. Is it possible to accept self-signed cert in DavDroid? Thanks. BTW paid for app (davdroid) in play store. This app is looking good design wise. Thanks.


  • developer

    @ctgcwiqc said in Pin not require after importing SSL cert?:

    Well this is weird. I don't use CAdroid. I place SSL cert in webserver root. Navigate to it via web browser, then download and add to trusted credentials. This is how I have always performed this on my phone since initially I believe some time ago CAdroid did not like self signed certificates.

    CAdroid is only a helper for the Android certificate import process. It downloads the certificate from a HTTPS server, saves it in the format required by Android and then calls the Android "Import certificate" dialog.

    Android didn't like self-signed certificates without CA flag. So, CAdroid shows a warning for certificates without CA flag, because they won't work with most Android devices. Nothing more. So, if you can import your certificate using a browser, you can also import it using CAdroid, and the other direction.

    However, this is only required if you need the certificate to be valid for all system apps (e.g. email app, etc.). If you import a certificate, it will be valid for all apps, including DAVdroid. However…

    Is it possible to accept self-signed cert in DavDroid?

    … if you only use the certificate with DAVdroid, there's no need to import it. DAVdroid handles self-signed certificates on its own using MemorizingTrustManager. So, if you connect to a server and add the certificate in DAVdroid, it won't show up in the system/user certificates, because only DAVdroid knows that its valid and stores it in its own keystore (<davdroid>/KeyStore/KeyStore.bks).

    I do not see the cert in my user trusted credentials on the tablet. I don't believe I set this connection up via http, but cannot see how to check short of removing the account. Let me know if there is a way to check if this connection (account) web address without removing account.

    I don't know what you mean. What exactly do you want to check?

    Thanks. BTW paid for app (davdroid) in play store. This app is looking good design wise. Thanks.

    Thanks :)


Log in to reply
 

Looks like your connection to Bitfire App Forums was lost, please wait while we try to reconnect.