Welcome to the Official BlackBerry® Support Community Forums. This is your resource to discuss support topics with your peers, and learn from each other. New to the forum? Please visit the ‘Getting Started’ link below.
All New Topics | All New Posts
inside custom component

Java Development

Reply
Topic Options
todev
New Member
todev
Posts: 1
Registered: 05-12-2011
My Carrier: -all-

Is there an OpenSSL alternative for BB?

Options

05-13-2011 09:41 AM

I need to install hundreds of SSL certs (at retailers) - which have been issued from my own PKI - and then have my BB app talk to these guys using https. On Android and IPhone, I use OpenSSL and a root CA burned into the app. OpenSSL has a 'verification callback' that lets me tailor the standard cert validation logic and I use this callback to validate the retailer’s cert against my burned in root CA. After playing around with the BB API, I can’t find an equivalent callback. Is there a callback I’ve missed? If not, is there some way to install my root CA into the BB’s trust store when the app is installed (it’s ok if the user has to approve it manually, provided he doesn't have to go through ten warning screens)?

 

I’m also wondering if I can use BouncyCastle to completely replace the native BB https connection. Some forum posts seem to suggest this would work. But will RIM allow such an app into its App Store? For the record, I cannot make a connection to a common server (with a regular cert) and use that to route traffic to my retailers; my app sends credit card info and a common server would be way too vulnerable.

 

I'm targeting OS 5.0 and newer phones only.

 

Report Inappropriate Content
Message 1 of 3 (313 Views)
Reply
0 Likes
Please use plain text.
 
Developer
Developer
rcmaniac25
Posts: 1,713
Registered: 04-28-2009
My Carrier: Verizon

Re: Is there an OpenSSL alternative for BB?

Options

05-17-2011 11:55 PM

I don't know how you would do it off the top of my head but I'm pretty sure some apps on App World use BouncyCastle so I don't think it would be a problem.

------------------------------------------------------------
Three simple rules:
1. Please use the search bar before making new posts.
2. Kudo posts that you find helpful.
3. If a solution has been found for your post, mark it as solved.
--I code too much. Well, too bad.

Projects:
Bing 4 BlackBerry: http://bbing.codeplex.com/
PDF Renderer 4 BlackBerry: http://pdfrend4bb.codeplex.com/
Report Inappropriate Content
Message 2 of 3 (291 Views)
Reply
0 Likes
Please use plain text.
 
will777
Visitor
will777
Posts: 1
Registered: 12-14-2011
My Carrier: N/A

Re: Is there an OpenSSL alternative for BB?

Options

12-14-2011 02:45 AM

@todev

 

I have the exact same problem you have. In my scenario I also have to distribute self-signed certs and must have a way to accept these on the BB app (as I already can on iPhone, Android and Microsoft devices).

 

Have you got Bouncycastle working on a BB app with regards to replacing the HTTPS connection?

Report Inappropriate Content
Message 3 of 3 (83 Views)
Reply
0 Likes
Please use plain text.