• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Chat app using JSSE

 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi all,

I want to create a small Android chat app which is able to communicate over SSL with other clients. I want to do this packing the truststore containing the server's certificate in the .apk-file which installs the app.
Now my question is: Is this the right way to do that or is there a better way? I just want to make sure that the app currently only trusts my server.
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Do you mean that you want to have one device connect directly to another device? That is most likely not going to work (firewalls etc.) - you will very likely end up with the traffic going through a central hub. In which case the problem boils down to an SSL connection to one server (the certificate of which is well-known in advance).
 
Arthur McMillan
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sorry if I didn't explain it understandably:
I actually want my device to connect to one known server as a central hub. The clients' truststores should contain the server's certificate (which is well-known, as you said). All I wanted to know now was if packing this truststore directly in the .apk-file (which installs android apps on a device) is a good solution to make my system possible.
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic