Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Java Development

Reply
Contributor
Posts: 10
Registered: ‎03-30-2010
My Device: Emulator
My Carrier: None

Bypassing SSL certificate check

I have an app that only talks to a dedicated server. We're using https on the server but when I try to connect I get a message saying "You are attempting to open a secure connection, but the serer's certificate is not trusted." It gives options to continue, close the connection, view the certificate, or trust the certificate. This seems like a pretty straightforward thing, but our app is geared towards parents who don't always understand their phones, and anything but the ponderous "trust" process is going to mean the message keeps popping up.

 

Viewing the certificate says that the errors are Untrusted Cert Chain and Stale Chain Status. Is it possible there's something wrong server side? The cert works with all major browsers and also on our Android version of the app (though we had to do jump through some hoops to get it trusted there).

 

Is there a way for an application to bypass that message and allow itself to connect to a specific server without triggering the popup?

 

Failing that, does anyone know which certificate vendors 4.5.0 and later support so we can possibly switch? Ours is through SecureTrust CA.

Developer
Posts: 16,694
Registered: ‎07-29-2008
My Device: Z10 LE, Z30, Passport
My Carrier: O2 Germany

Re: Bypassing SSL certificate check

put some explanation text into your documentation or, if you really think it necessary, show a popup before connecting.

the popup is a security measure and cannot be circumvented.
----------------------------------------------------------
feel free to press the like button on the right side to thank the user that helped you.
please mark posts as solved if you found a solution.
@SimonHain on twitter
Contributor
Posts: 12
Registered: ‎04-16-2012
My Device: Bold 9780
My Carrier: Vodafone

Re: Bypassing SSL certificate check

But is there anyway to automatically reject the connection from code. I'm using ConnectionFactory

Developer
Posts: 16,694
Registered: ‎07-29-2008
My Device: Z10 LE, Z30, Passport
My Carrier: O2 Germany

Re: Bypassing SSL certificate check

please open your own thread for your question
----------------------------------------------------------
feel free to press the like button on the right side to thank the user that helped you.
please mark posts as solved if you found a solution.
@SimonHain on twitter