private static List<Certificate> loadAllCertificates() {
List<Certificate> certs = new ArrayList<Certificate>();
Logger.I(TAG, "Loading all SSL certificates from config");
if (RhoConf.isExist("CAFile")) {
String caFilePath = RhoConf.getString("CAFile");
Logger.I(TAG, "CAFile found in config: loading certificate: " + caFilePath);
File caFile = new File(caFilePath);
if (caFile.exists()) {
Certificate c = loadCertificate(caFile);
if (c != null) {
certs.add(c);
}
} else {
Logger.W(TAG, "CAFile config parameter exists, but file " + caFilePath + " not found.");
}
}
if (RhoConf.isExist("CAPath")) {
String caFolderPath = RhoConf.getString("CAPath");
Logger.I(TAG, "CAPath found in config: loading all certificates from " + caFolderPath);
File caFolder = new File(caFolderPath);
if (caFolder.isDirectory()) {
File list[] = caFolder.listFiles();
for (File f : list) {
Certificate c = loadCertificate(f);
if (c != null) {
certs.add(c);
}
}
} else {
Logger.W(TAG, "CAPath config parameter exists, but folder " + caFolderPath + " not found.");
}
}
Logger.I(TAG, "SSL certificates loaded: " + String.valueOf(certs.size()));
return certs;
}
@Override
public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
if (RhoConf.getBool("no_ssl_verify_peer")) {
Logger.D(TAG, "Skip SSL error.");
handler.proceed();
} else {
StringBuilder msg = new StringBuilder();
msg.append("SSL error - ");
switch (error.getPrimaryError()) {
case SslError.SSL_NOTYETVALID:
msg.append("The certificate is not yet valid: ");
break;
case SslError.SSL_EXPIRED:
msg.append("The certificate has expired: ");
break;
case SslError.SSL_IDMISMATCH:
msg.append("Hostname mismatch: ");
break;
case SslError.SSL_UNTRUSTED:
msg.append("The certificate authority is not trusted: ");
break;
}
msg.append(error.getCertificate().toString());
Logger.W(TAG, msg.toString());
handler.cancel();
}
}
