cwac-netsecurity

cwac-netsecurity copied to clipboard

Disable/enable Network Security Config on Android 7+ at runtime?

1

I am in a position where a user of one of my apps is running LineageOS (a custom Android version). They are experiencing certificate pinning issues likely due to the...

SG57

Right now, the most recent compatible OkHttp3 version is 3.9.1

1

just a simple question: WHY ? what's the limit?

xanscale

javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

3

javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.   at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:328)   at okhttp3.internal.connection.RealConnection.connectTls(SourceFile:336)   at okhttp3.internal.connection.RealConnection.establishProtocol(SourceFile:300)   at okhttp3.internal.connection.RealConnection.connect(SourceFile:185)   at okhttp3.internal.connection.ExchangeFinder.findConnection(SourceFile:224)   at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(SourceFile:107)   at okhttp3.internal.connection.ExchangeFinder.find(SourceFile:87)   at okhttp3.internal.connection.Transmitter.newExchange(SourceFile:169)   at okhttp3.internal.connection.ConnectInterceptor.intercept(SourceFile:41)   at okhttp3.internal.http.RealInterceptorChain.proceed(SourceFile:142)   at...

MajaTrzebiatowska

Add Non-HTTPS TCP/TLS Support

4

Hey It is a bit unclear, so I thought it is better to ask - doest the library support also TCP/TLS connections? Thanks, Omer

omerlh

https://koz.io/pinning-cve-2016-2402/ Try something based on this for certificate pinning tests. This would be two-fold: standard pinning and the soft-pin/TOFU stuff.

commonsguy

See now-closed issue #1.

commonsguy