Home/ Questions/Q 1087625
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-16T22:57:49+00:00

I have a self signed server certificate (cert.pem) and need to enable it for

  • 0

I have a self signed server certificate (cert.pem) and need to enable it for SSL sockets in an Android application. Ideally I’d like to package the code as .jar file and not need an external certificate file (i.e. include it into the code).

With this code I can accept all certificates, which is not what I want:

SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, new TrustManager [] { new MyTrustManager() }, new SecureRandom());

Do I need to add the certificate to a custom KeyManager or the custom TrustManager?

One problem I’ve encountered is that Android does not accept JKS keystores (KeyStore.getDefaultType() returns “BKS”): “java.security.KeyStoreException: KeyStore JKS implementation not found

Any ideas how to proceed would be highly appreciated!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Yes, you need to add the certificate to a custom KeyStore. It is basically a 4-step process:

    1. Obtain your server certificate.
    2. Import the server certificate to a keystore as a raw resource in your application. The KeyStore type must be BKS.
    3. Create your own TrustManager in your Java/Android program to load the certificate into a SSLContext.
    4. Use that SSLContext for your SSL connections.

    See this link for detailed instructions and sample code:
    http://randomizedsort.blogspot.com/2010/09/step-to-step-guide-to-programming.html

    Good luck.
    Nehc

    • 0