CA for on mobile application

I have a mobile application in development. Not by me but by the company I hired to do it. And with in my app I want to make use of ther services of stripe. And they require me to have a secure HTTTPS page. Which they told me I could get here. Now I am completely new in this and I only see information about how to get such a page for your website. But I need it for an app.
Now my questions are:
How do I get a CA on my app?
Can I let my app developer implement this or do I need to do this as the app owner?

Thank you for taking time to read my message. I hope you can help me.

hi @MeetEat

I think a review of concepts might be a first step

Let’s Encrypt does not provide secure pages they provide certificates which you can use to secure sites

You should articulate things such as the web server that you are using

You should also review the term CA (Certificate authority) and what it means (you don’t need a certificate authority)

Your developer might be able to help if he has installed certificates on web servers

Note also: mobile phones cannot run web servers

Andrei

Well, yes, they can (I remember running Apache on a first-generation iPhone), but it’s rarely a good or useful idea.

As @ahaw021 says, you don’t, and you shouldn’t need one. If you want a certificate from Let’s Encrypt, you’ll need to use some client software to obtain one. See https://letsencrypt.org/getting-started/ for information on getting started. If you’re unable or unwilling to use the client software, you could use something like https://zerossl.com/ as your client. In any case, the certificate will only be valid for 90 days, so you’ll need to renew it within that time.

I hope I’m not duplicating exactly what everyone else has already said, but:

First you said that Stripe requires you to have a secure HTTPS page. There “page” refers to a web page, which is part of a web site.

Then you said that you don’t have a web site. However, if you don’t have a web site, then you can’t use HTTPS! HTTPS is only a technology for communicating with web sites.

The certificates that Let’s Encrypt issues don’t certify mobile apps or mobile app developers, but rather confirm your ownership of an Internet domain name, usually in order to allow HTTPS connections to a web site. But again, if Stripe told you that you need HTTPS, presumably they are expecting you to have a web site of some kind, because HTTPS is only used with web sites¹.

I think it would be helpful to be clearer about what Stripe is expecting you to do or to have, and how you’re going to go about it. Perhaps your developers can help clarify this for you.

¹ You can have a web server that provides some kind of service that end users don’t directly interact with, or that isn’t accessed via web browsers at all, and some people might then not choose to call this a “web page” or “web site” but rather a “web service”. However, it still uses the same underlying web technologies.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.