I have a secured (SSL) web page running on an Android device, while there is also a native Android application with a web server inside which runs on the same device. The inner web server listens for HTTPS requests (using NanoHttpd for Android).
In order for the web page and the web server to communicate (by AJAX requests), I have installed a self-signed certificate in the Android native app.
Here is the related code in the Android native app (web server):
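```java
sslServer = new WebServer(PORT);
// Load the BKS keystore (self-signed certificate and key) from the classpath.
SSLServerSocketFactory mySSLSocketFactory = NanoHTTPD.makeSSLSocketFactory("/mybks.bks", "myPassword".toCharArray());
// Unbound socket, used only to list the TLS protocols the platform supports.
SSLServerSocket ss = (SSLServerSocket) mySSLSocketFactory.createServerSocket();
sslServer.makeSecure(mySSLSocketFactory, ss.getSupportedProtocols());
// Start the server with a 600 ms socket read timeout.
sslServer.start(600);
```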
The problem is that the self-signed certificate wasn't issued by a known certificate authority (CA), so the AJAX request fails to get a valid response from the web server.
BUT if I go to the browser and request the HTTPS URL (which fails upon my AJAX request) that points to my running NanoHttpd web server, I get the message saying "Your connection is not private", and by clicking "Proceed to ____ (unsafe)" everything starts working.
I thought that there should be some kind of solution to this problem, so that I would not need to do the same thing on every new Android device and allow it once in order for it to work on the next attempts.