Reputation: 73
Use two-way auth with certificates in Android
My network relies on 2 main sides:
Node.JS Server : who works both for self-signed CA and RESTful server over HTTPS.
Android/PhoneGAP(Cordova) App : that sends Ajax requests to the server.
Firstly I need to configure a 2-way handshake, so I created keys and certificates both for the Server and Client. I've installed the CA-root certificate and the client certificate on Android, and i can see it from Settings -> Security -> Certificates -> User.
Now, if I try to access to my server from the Browser (i.e. Safari), a pop-up shows up asking me which client certificate I want to use, than I select the installed one and everything works properly. Instead if I try to perform the same request from the app, no pop-ups are shown, than I can't select any certificate to my server.
There is any way to specify the use of a certain certificate into an Android Application?
Upvotes: 2
Views: 1165
Answers (1)
Reputation: 73
I found a solution after 5 days of struggle...for both ANDROID or IOS, you need to install a Cordova plugin, to enable you application to retrieve the Client-certificates located somewhere into your WWW folder.
https://github.com/zxyang/cordova-plugin-clientcertificate
Upvotes: 4
Related Questions
- Bidirectional SSL communication on Android?
- Using client/server certificates for two way authentication SSL socket on Android
- Using a Android WebView to connect to secure server with Client Certificate
- Authentication with client certificates with PhoneGap
- Is this SSL/TLS two way authentication or what is wrong?
- Android 4.0 SSL Authentication
- SSL Client authentication in Android 4.x
- NodeJS + Android SSL Authentication
- SSL client authentication in Android
- 2-way SSL in Android: client authentication not working