private static List<Certificate> loadAllCertificates() { List<Certificate> certs = new ArrayList<Certificate>(); Logger.I(TAG, "Loading all SSL certificates from config"); if (RhoConf.isExist("CAFile")) { String caFilePath = RhoConf.getString("CAFile"); Logger.I(TAG, "CAFile found in config: loading certificate: " + caFilePath); File caFile = new File(caFilePath); if (caFile.exists()) { Certificate c = loadCertificate(caFile); if (c != null) { certs.add(c); } } else { Logger.W(TAG, "CAFile config parameter exists, but file " + caFilePath + " not found."); } } if (RhoConf.isExist("CAPath")) { String caFolderPath = RhoConf.getString("CAPath"); Logger.I(TAG, "CAPath found in config: loading all certificates from " + caFolderPath); File caFolder = new File(caFolderPath); if (caFolder.isDirectory()) { File list[] = caFolder.listFiles(); for (File f : list) { Certificate c = loadCertificate(f); if (c != null) { certs.add(c); } } } else { Logger.W(TAG, "CAPath config parameter exists, but folder " + caFolderPath + " not found."); } } Logger.I(TAG, "SSL certificates loaded: " + String.valueOf(certs.size())); return certs; }
@Override public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) { if (RhoConf.getBool("no_ssl_verify_peer")) { Logger.D(TAG, "Skip SSL error."); handler.proceed(); } else { StringBuilder msg = new StringBuilder(); msg.append("SSL error - "); switch (error.getPrimaryError()) { case SslError.SSL_NOTYETVALID: msg.append("The certificate is not yet valid: "); break; case SslError.SSL_EXPIRED: msg.append("The certificate has expired: "); break; case SslError.SSL_IDMISMATCH: msg.append("Hostname mismatch: "); break; case SslError.SSL_UNTRUSTED: msg.append("The certificate authority is not trusted: "); break; } msg.append(error.getCertificate().toString()); Logger.W(TAG, msg.toString()); handler.cancel(); } }