Search Unity

Expired SSL Certificate(s) with an Android build

Discussion in 'Android' started by knr_, Mar 5, 2017.

  1. knr_

    knr_

    Joined:
    Nov 17, 2012
    Posts:
    258
    I have scoured the web for information as well as the forums. There seems to be ways around this using .NET's intrinsic HTTP request classes, but the goal is to use the Unity API instead as work has been done to create these new Unity Web Request classes to replace the WWW class.

    It has been excruciatingly frustrating running into this.

    Does anyone (or perhaps someone from Unity) have a clear, working example of how to bypass expired / invalid certificates?

    Thanks.
     
    knr_, Mar 5, 2017
    #1

  2. Aurimas-Cernius

    Aurimas-Cernius

    Unity Technologies

    Joined:
    Jul 31, 2013
    Posts:
    3,735
    With UnityWebRequest/WWW you can't do that. This is being worked on, but will only come out in future Unity releases.
    For now you have to code it yourself in Java. Mind that you would be making a security hole by doing this.
     
    Aurimas-Cernius, Mar 7, 2017
    #2

  3. knr_

    knr_

    Joined:
    Nov 17, 2012
    Posts:
    258
    Thank you for the reply.

    Yes, we are very aware of the security hole created by bypassing it. We certainly wouldn't use the server in quesiton for a released product, only a development server.

    We will try a self signed certificate for now then and look forward for this feature to be added (with the obvious security hole warning :) ).
     
    knr_, Mar 8, 2017
    #3

  4. Aurimas-Cernius

    Aurimas-Cernius

    Unity Technologies

    Joined:
    Jul 31, 2013
    Posts:
    3,735
    Well, if it's only for development purposes, you should be able to add your certificate to trusted certificates on your phones.
     
    Aurimas-Cernius, Mar 9, 2017
    #4