Using a Android WebView to connect to secure server with Client Certificate
It is not possible. The code that is needed to answer back a challenge for a client certificate is not available in the sdk. If you look at the source for WebViewClient in the android sdk you will see this method
/**
* Notify the host application to handle a SSL client certificate
* request (display the request to the user and ask whether to
* proceed with a client certificate or not). The host application
* has to call either handler.cancel() or handler.proceed() as the
* connection is suspended and waiting for the response. The
* default behavior is to cancel, returning no client certificate.
*
* @param view The WebView that is initiating the callback.
* @param handler An ClientCertRequestHandler object that will
* handle the user's response.
* @param host_and_port The host and port of the requesting server.
*
* @hide
*/
public void onReceivedClientCertRequest(WebView view,
ClientCertRequestHandler handler, String host_and_port) {
handler.cancel();
}
Do you see that @hide in the doc section? That means "do not make this available to the general public." We need the ability to override this method and utilize the ClientCertRequestHandler, but we can't. Not sure when google will open this API but it is not available in JellyBean.
Not getting callback for onReceivedClientCertRequest in Webview
Client Certificate Authentication can fail in a number of ways in Android:
- Your WebViewClient might not be wired properly: make sure you get other notifications from the WebView such as
WebViewClient.onPageStarted()
- Make sure you're actually using SSL and a https URL
- SSL might fail before you even get to the client certificate check. This is typical for self signed server certificates. You can work around this problem by calling
handler.proceed()
inWebViewClient.onReceivedSslError(view, handler, error)
- SSL client certificate authentication might not be turned on on the server side. When using Apache, set something like
SSLVerifyClient require
along with the required parametersSSLVerifyDepth
andSSLCACertificateFile
in the config - Use a valid CA certificate (created by you or a third party) on the server and a client certificate that was signed by this CA certificate
- Make sure the client certificate is installed on the Android device. You typically copy the client certificate to the device's storage as a PKCS 12 file (pfx file extension)
Android Webview use self-signed certificate
String sslCertificate = error.getCertificate().toString();
String mySslCertificate = new SslCertificate(cert).toString();
if ( sslCertificate.equals(mySslCertificate) )
handler.proceed();
These codes add on WebView onReceivedSslError
methods
I think It's not a perfect solution. But These codes check some of SSL Cert
Not showing popup message(dialog)
Related Topics
How to Dynamically Set Headers in Retrofit (Android)
Android: Adding Static Header to the Top of a Listactivity
Android Location Manager, Get Gps Location ,If No Gps Then Get to Network Provider Location
Android: Integer from Xml Resource
How to Use Android Canvas to Draw a Rectangle with Only Topleft and Topright Corners Round
One Onclickhandler for Multiple Buttons
How to Compile a Static Library Using the Android Ndk
How to Get Add to Home Screen Pop Up on Site Open in Mobile Browser
Android and Setting Alpha for (Image) View Alpha
How to Use Isineditmode() to See Layout with Custom View in the Editor
How to Iterate Through All Keys of Shared Preferences
Prevent Ussd Dialog and Read Ussd Response
Difference Between a Clickable Imageview and Imagebutton
Change Status Bar Color with Appcompat Actionbaractivity
Custom Preferencecategory Headings
How to Share Photo with Caption via Android Share Intent on Facebook