| Android browser encounter an untrusted certificate warning while ac... |  Search
|
|
NowSMS Support Forums ⬆ NowSMS Support - MMS & Advanced Issues ⬆ Archive through June 09, 2011 ⬆ |
◄ ► |
| Author | Message | |||
| Eric New member Username: Yap Post Number: 1 Registered: 02-2011 |
Hi I've encountered a annoying untrusted certificate warning while using mobile browser in my Android phone to access nowsms web interface. I assume this warning is caused by a self-signed SSL.CRT by the server when generated CSR request. Is it possible to install a CA certificate from well-known authority instead of relying on self-signed CA certificate as I can't find way to install the self-signed certificate on my mobile like IE way in PC. FYI, my certificate is signed by GoDaddy and according to them, all Android devices are supported. Article here http://help.godaddy.com/article/1139 Thanks. | |||
| Des - NowSMS Support Board Administrator Username: Desosms Post Number: 2952 Registered: 08-2008 |
Hi Eric, I'm not sure I understand your situation. Do you have a self-signed SSL certificate, or have you actually had a certificate signed by the GoDaddy CA? (If you did get it signed, verify that you installed it in the NowSMS program directory with a filename of SSL.CA.) If you connect with a PC browser, you can usually find an option to view security information ... what does it say about the certificate? The only other issue that I can think of is the one described here: http://www.nowsms.com/nowsms-and-ssl-certificates-2048-bit-key If you've had your SSL certificate generated with a CSR from an older version, it's possible the Android browser might be complaining about the 1024-bit key. -- Des NowSMS Support | |||
| Eric New member Username: Yap Post Number: 3 Registered: 02-2011 |
Hi Des I do have installed a 2048-bit cert signed by Godaddy. The problem encountered is I get an untrusted certificate warning whenever I access the url on Android emulator's mobile browser and in Java cocde (using URLconnection). However, using mobile browser in a real Android device has no warning. From my shallow understanding of SSL and configuration in an ordinary web server, three files are required. They are SSLCertificateFile (signed certificate issued to you), SSLCertificateKeyFile (your private key I assume) and SSLCACertificateFile (some may refer it as an intermediate file or chain file for the authhorities not recordded as root CA). From your other post at http://support.nowsms.com/discus/messages/485/69993.html, I understand nowsms' implementaiton has SSL.CA (for signed certificate) and SSL.KEY (I guess is key file). What I am looking for is a way to config the intermediate / chain file in my installation for not breaking up the cert chain. Thanks. -Eric | |||
| Bryce Norwood - NowSMS Support Board Administrator Username: Bryce Post Number: 7948 Registered: 10-2002 |
Hi Eric, I'm not sure that I understand this concept of SSL chain certificates any better than Des, but I've been trying to better understand it. Try the update for SMSSSL.DLL that can be downloaded from http://www.nowsms.com/download/smssslchain.zip. Edit the SSL.CA file with a text editor, and append any intermediate/chain certificates so that they follow your signed server certificate. If there are multiple intermediate certificates, they should be ordered in the path from your server certificate toward the root CA certificate. Let us know if that works. -bn | |||
| Eric New member Username: Yap Post Number: 4 Registered: 02-2011 |
Hi Bryce I have tested and it WORKS beautifully. Must say you guys rock. Thank you very much. -Eric | |||
