Welcome!

Welcome to the Official BlackBerry Support Community Forums. This is your resource to discuss support topics with your peers, and learn from each other. New to the forum? Please visit the ‘Getting Started’ link below.
All New Topics | All New Posts
inside custom component

Java Development

Reply
Topic Options
Developer
Developer
jaschroe
Posts: 32
Registered: ‎08-26-2008

Validate SSL certificates?

Options

‎07-15-2009 09:05 PM

I am connecting to a server via (HttpsConnection)Connector.open("https://hostname;deviceside=false", Connector.READ_WRITE) (MDS route).

 

Say, for example, that "hostname" has an invalid certificate (untrusted chain). How can I validate that, in my code? The closest I see is HttpsConnection.getSecurityInfo().getCertificate(), which returns a javax.microedition.pki.Certificate with a lot of long/String accessors. I don't see a way to validate the trust chain. I see the X509Certificate class, but no way to get from a javax.microedition.pki.Certificate to an X509Certificate object.

 

Developing using BlackBerry JDE 4.0.2, testing on JDE 4.2.1.89 BB 8800 simulator using MDS sim 4.1.4. Developing using MDS route, but expected to support BIS-B as well.

Report Inappropriate Content
Message 1 of 9 (4,251 Views)
Reply
Please use plain text.
 
Developer
Developer
rihan007
Posts: 449
Registered: ‎01-14-2009

Re: Validate SSL certificates?

Options

‎06-17-2011 09:46 AM

anyone? 

Report Inappropriate Content
Message 2 of 9 (2,233 Views)
Reply
0 Likes
Please use plain text.
 
Regular Contributor
i68040
Posts: 56
Registered: ‎02-05-2012
My Carrier: T-Mobile

Re: Validate SSL certificates?

Options

‎09-02-2012 07:22 PM

I would like to know the same thing: Looks ilke X509Certificate has the method I need (getPublicKey()), but there is no way to do the conversion.

 

Has anyone come up with a good solution?

Report Inappropriate Content
Message 3 of 9 (1,946 Views)
Reply
0 Likes
Please use plain text.
 
Developer
Developer
rihan007
Posts: 449
Registered: ‎01-14-2009

Re: Validate SSL certificates?

Options

‎09-03-2012 06:00 AM

Impossible to do with the current RIM APIs. You can use BouncyCastle Library to read the certificate information. It should provide you all the info you need from certificate including the chain of certificates.

Report Inappropriate Content
Message 4 of 9 (1,937 Views)
Reply
0 Likes
Please use plain text.
 
Regular Contributor
i68040
Posts: 56
Registered: ‎02-05-2012
My Carrier: T-Mobile

Re: Validate SSL certificates?

Options

‎09-03-2012 09:55 AM

Thanks for the reply! Do you have any suggestions on how I can go about using Bouncy Castle? I've seen it mentioned on other forum posts without any details on how I'm supposed to use it.

 

I have downloaded the J2ME from their downloads page and am looking for some API help.

Report Inappropriate Content
Message 5 of 9 (1,930 Views)
Reply
0 Likes
Please use plain text.
 
Regular Contributor
i68040
Posts: 56
Registered: ‎02-05-2012
My Carrier: T-Mobile

Re: Validate SSL certificates?

Options

‎09-03-2012 11:28 AM

Ok, I have everything compiling correctly using the BouncyCastle 'Certificate' object- but when I start the app I get this error:

 

Error starting ApplicationName: 'ApplicationName' may not contain classes in com.rim, net.rim, net.blackberry, java or javax packages

 

I'm guessing this has to do with me not doing any obfuscation (As mentioned in Q#3 of the Bouncy castle FAQ). Does anyone have any guidance on setting up obfuscation using the Blackberry plugin for Eclipse?

Report Inappropriate Content
Message 6 of 9 (1,926 Views)
Reply
0 Likes
Please use plain text.
 
Developer
Developer
rihan007
Posts: 449
Registered: ‎01-14-2009

Re: Validate SSL certificates?

Options

‎09-03-2012 11:30 AM

You can rename the com.java packages to org.bouncycastle.java packages. RIM doesnt allow to have classes with com.rim, net.rim, net.blackberry, java or javax packages

Report Inappropriate Content
Message 7 of 9 (1,924 Views)
Reply
Please use plain text.
 
Regular Contributor
i68040
Posts: 56
Registered: ‎02-05-2012
My Carrier: T-Mobile

Re: Validate SSL certificates?

Options

‎09-03-2012 11:45 AM

Wow, that worked great! And it helps avoid an obfuscation step.

Thank you!
Report Inappropriate Content
Message 8 of 9 (1,921 Views)
Reply
Please use plain text.
 
rikhil
New Contributor
rikhil
Posts: 2
Registered: ‎05-03-2011
My Carrier: Docomo

Re: Validate SSL certificates?

Options

‎02-07-2013 03:44 AM

Hi i68040 can you please provide the sample code or code snippet that how you have used bouncyCastle, for validating SSL certificates.

Thanks!

Report Inappropriate Content
Message 9 of 9 (726 Views)
Reply
0 Likes
Please use plain text.