1
0
mirror of https://github.com/laurent22/joplin.git synced 2024-11-27 08:21:03 +02:00

Android: Resolves #680: New: Allow self-signed certificates (#1466)

* Allow User-added CAs in Android

This will enable connecting to servers with self-signed certificates on
android as per issue #680.

Implemented as per:
- https://android-developers.googleblog.com/2016/07/changes-to-trusted-certificate.html
- https://github.com/facebook/react-native/issues/20488

* Allow User-added CAs in Android

This will enable connecting to servers with self-signed certificates on
android as per issue #680.

Implemented as per:
- https://android-developers.googleblog.com/2016/07/changes-to-trusted-certificate.html
- https://github.com/facebook/react-native/issues/20488
This commit is contained in:
Krešimir Klas 2019-05-10 01:15:13 +01:00 committed by Laurent Cozic
parent 771975cd35
commit 7e9972d99f
3 changed files with 16 additions and 1 deletions

View File

@ -37,7 +37,9 @@
android:allowBackup="true"
android:label="@string/app_name"
android:icon="@mipmap/ic_launcher"
android:theme="@style/AppTheme">
android:theme="@style/AppTheme"
android:networkSecurityConfig="@xml/network_security_config"
>
<!-- ============================= -->
<!-- START RN-push-notitication -->

View File

@ -0,0 +1,9 @@
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config>
<trust-anchors>
<certificates src="system"/>
<certificates src="user"/>
</trust-anchors>
</base-config>
</network-security-config>

View File

@ -93,3 +93,7 @@ Joplin relies on Firebase to enable reliable notifications on Android. Since F-D
# Why is it named Joplin?
The name comes from the composer and pianist [Scott Joplin](https://en.wikipedia.org/wiki/Scott_Joplin), which I often listen to. His name is also easy to remember and type so it fell like a good choice. And, to quote a user on Hacker News, "though Scott Joplin's ragtime musical style has a lot in common with some very informal music, his own approach was more educated, sophisticated, and precise. Every note was in its place for a reason, and he was known to prefer his pieces to be performed exactly as written. So you could say that compared to the people who came before him, his notes were more organized".
# How can I use self-signed SSL certificates on Android?
If you want to serve using https but can't or don't want to use SSL certificates signed by trusted certificate authorities (like "Let's Encrypt"), it's possible to generate a custom CA and sign your certificates with it. You can generate the CA and certificates using [openssl](https://gist.github.com/fntlnz/cf14feb5a46b2eda428e000157447309), but I like to use a tool called [mkcert](https://github.com/FiloSottile/mkcert) for it's simplicity. Finally, you have to add your CA certificate to Android settings so that Android can recognize the certificates you signed with your CA as valid ([link](https://support.google.com/nexus/answer/2844832?hl=en-GB)).