Git Product home page Git Product logo

Comments (8)

h-mdm avatar h-mdm commented on July 21, 2024

Certificates can be embedded in the launcher code.

To embed certificates into Headwind MDM launcher, you need to do the following:

  1. Place the certificate files (PEM) into the app/src/main/assets directory
  2. Fill the "certificates" string array in the app/src/main/res/values/strings.xml

Note that downloading certificates from some URL is not safe so it's not done that way.

from hmdm-server.

m-pastuszek avatar m-pastuszek commented on July 21, 2024

@h-mdm, I've just used new cerificate embedding and it works fine, but I have a problem with opening websistes in Kiosk Browser with self-signed certificates. It's just showing blank page.

In Logcat, there's an info:
Failed to validate the certificate chain, error: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

Chrome opens this website correctly as trusted. Can I do something with this?

from hmdm-server.

h-mdm avatar h-mdm commented on July 21, 2024

I guess you can't use just a single self-signed certificate, but you need a chain of at least two certificates, so the "root" certificate is embedded as trusted, and a second one is used by a website.

from hmdm-server.

m-pastuszek avatar m-pastuszek commented on July 21, 2024

So why Chrome opens it correctly?
I've embedded root certificate so in my opinion it should work.

Hierarchy:
rootca

from hmdm-server.

h-mdm avatar h-mdm commented on July 21, 2024

If Chrome trust the certificate, other web clients should trust it as well. Probably the Android component WebViewClient has a bug and it doesn't trust the certificates registered by an MDM app.

Anyway, you can rebuild the kiosk browser and ignore the SSL error: https://stackoverflow.com/questions/33825696/android-error-in-webview-loadurl-trust-anchor-for-certification-path-not-fou

from hmdm-server.

m-pastuszek avatar m-pastuszek commented on July 21, 2024

Yea, I thought about rebuilding, but I couldn't find repo of Kiosk Browser what made me thinking that it's private.

from hmdm-server.

h-mdm avatar h-mdm commented on July 21, 2024

Please contact the technical support https://h-mdm.com/contact-us/

from hmdm-server.

m-pastuszek avatar m-pastuszek commented on July 21, 2024

I've made the decision to leave it like it is. I mean, without SSL.
These websites are inside use only, so HTTPS is not needed - there's much more to do and little profit :)

from hmdm-server.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.