Skip to content

Server SSL certificates checking while Websocket connection establishing

By default, Android SDK delegates SSL certificates checking to the system level while establishing secure Websocket connestion to a server. On the system level, in its turn, server certificate is compared with system certificate storage content.

In this case, if the server uses self-signed certificate (for debugging purposes), this certificate will not pass the checking. Therefore since build 1.0.1.73 the session option SessionOptions.trustAllCertificates is added, false by default. To accept any certificates including self-signed ones, this option should be set to true

SessionOptions sessionOptions = new SessionOptions(url);
sessionOptions.trustAllCertificates(true);

Usage example:

code

private CheckBox mTrustAllCer;
...
mTrustAllCer = (CheckBox) findViewById(R.id.trust_all_certificates_default);
...
/**
    * The options for connection session are set.
    * WCS server URL is passed when SessionOptions object is created.
    * SurfaceViewRenderer to be used to display video from the camera is set with method SessionOptions.setLocalRenderer().
    * SurfaceViewRenderer to be used to display preview stream video received from the server is set with method SessionOptions.setRemoteRenderer().
    */
SessionOptions sessionOptions = new SessionOptions(url);
sessionOptions.setLocalRenderer(localRender);
sessionOptions.setRemoteRenderer(remoteRender);
sessionOptions.trustAllCertificates(mTrustAllCer.isChecked());

Warning

This must be used for testing purposes only. The application trusting any certificate will not pass Google Play (or any alternative store) moderation