cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SMP 2.3 MBO Object API + Android + Relay Server + SSL?

Former Member

on ‎07-28-2014 7:43 PM

0 Kudos

When creating a native Android application that uses the MBO Object API, connecting to the SMP server through a Relay Server that's listening for SSL, where/how should the trusted certificate be packaged with the application?

That is, if the stream param value lists "trusted_certificates=mycertificate.crt", Where is the API expecting to find the file, "mycertificate.crt"?

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎07-29-2014 11:27 PM
0 Kudos

If I'm not mistaken, I believe that under the trusted_certificates parameter you should include the whole path from your project's root folder.

For example, trusted_certificates=/resources/certs/mycertificate.crt

Of course, choose the actual path of the certificate.

Show replies
Show replies
Former Member
‎08-13-2014 12:23 PM
0 Kudos

If the certificate is in the "assets" folder of the android project, what would the path be?

Former Member
‎08-19-2014 9:27 PM
0 Kudos

Try using /android_assets/mycertificate.crt

Former Member
‎10-24-2014 7:12 PM
0 Kudos

That did not work, either, unfortunately.

It just seems to ignore the "trusted_certificates" stream parameter. Through some log spelunking, it seems to always be looking for a certificate file under the app's files directory named "<APP_ID>_trustedCertificates.crt".

Given that, the following code works around the problem:

                final AssetManager assets = this.getAssets();

                InputStream certFileInputStream = assets.open(CERT_FILE_NAME);

                final FileOutputStream certOutputFile = this.openFileOutput(CERT_FILE_NAME, Context.MODE_PRIVATE);

                byte[] buffer = new byte[1024];

                int len;

                while ((len = certFileInputStream.read(buffer)) != -1) {

                    certOutputFile.write(buffer, 0, len);

                }

                certOutputFile.flush();

                certOutputFile.close();

                certFileInputStream.close();

That is, I package the cert under the "assets" folder and then copy it at runtime to the name/location expected by the MBO/MobiLink runtime. This is definitely a "workaround," though. Has no one else come across this problem?

former_member199074
Explorer
‎10-29-2014 9:57 AM
0 Kudos

Did you try importing the certificate into Android's Keystore without referencing it in the streamparams?

Thanks,

Mohamed

Former Member
‎11-03-2014 9:43 PM
0 Kudos

The root ca is already in the android keystore. Leaving the cert name out of the streamparams did not work.

Jitendra_Kansal
Product and Topic Expert
Product and Topic Expert
‎07-29-2014 5:58 PM
0 Kudos

Hi Joe,

How is the communication happening from device to Relay server and then RS to SMP server? HTTP or https based?

Is relay server using a certificate signed by any authority like CA for https connections?

Meanwhile, i suggest you to look at below discussion:

Rgrds,

JK

Show replies
Show replies
Former Member
‎08-13-2014 12:14 PM
0 Kudos

The communication from the device to the relay server is over https. The communication from the relay server to smp is http.

I followed the instructions at that link, but it still isn't clear where *exactly* the certificate file should go in the application structure. For now, I have it directly under "assets", but that doesn't seem to be working.

On iOS, I put the certificate at the root of the project and included the stream parameter, "trusted_certificates=mycertificate.crt", which worked. The same is not working on Android.

Former Member
‎08-15-2014 3:22 PM
0 Kudos

The certificate is signed by entrust.

Do you know if this configuration is supported?

Device->HTTPS->Relay Server->HTTP->SMP Server

Jitendra_Kansal
Product and Topic Expert
Product and Topic Expert
‎08-15-2014 6:48 PM
0 Kudos

Hi Joe,

This communication should work. Regarding importing certificate in android project, can you check these threads if you can any clues?

Rgrds

JK

Ask a Question