[paho-dev] Certificate Pinning in Android Using MQTT

Hi, 

I hope this email finds you in good spirits.

I am relatively new to Android and I have developed a service which connects to the ActiveMQ host using the SSL/TLS support of mqttv3:1.1.0.


I have been able to perform a TLS connection to ActiveMQ without certificate pinning successfully.
However, whenever I tried to implement certificate pinning using the Android sample, the app crashed.


I am going to put in the sample code as an example for certificate pinning. As it says on the website, it fully supports TLS/SSL; however, any code ensuring certificate pinning just crashes. I have also implemented certificate pinning with the HTTPS library native to Android and it is working fine. But the same code does not work for the MQTT lib. Code attached for more insight.



    // Load the bundled BKS trust store that holds the pinned server certificate
    KeyStore myKeyStore = KeyStore.getInstance("BKS");
    myKeyStore.load(aContext.getResources().openRawResource(R.raw.mytruststore), "password".toCharArray());
    // Create a custom trust manager that accepts the server self-signed certificate
    // (the algorithm name must come from TrustManagerFactory, not KeyManagerFactory)
    TrustManagerFactory myTrustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    myTrustManagerFactory.init(myKeyStore);
    // Create the SSLContext for the SSLSocket to use
    SSLContext mySSLContext = SSLContext.getInstance("TLS");
    mySSLContext.init(null, myTrustManagerFactory.getTrustManagers(), new SecureRandom());
    // Create SSLSocketFactory
    SSLSocketFactory myFactory = mySSLContext.getSocketFactory();
    MqttConnectOptions myOptions = new MqttConnectOptions();
    myOptions.setCleanSession(false);
    myOptions.setAutomaticReconnect(true);
    myOptions.setKeepAliveInterval(Constant.KEEP_ALIVE_INTERVAL);
    // Hand the pinned socket factory to the MQTT client (set once)
    myOptions.setSocketFactory(myFactory);
    theMQTTClient = new MqttAndroidClient(this.theContext, aBrokerUrl, aDeviceId);
    IMqttToken token = theMQTTClient.connect(myOptions);


Kindly help in this regard, as it seems more like an MQTT library-specific issue.


Kind Regards,
Sumayya Shahzad
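
The trust-store pinning setup from the message above, as an added example that is not part of the original post or of the Paho project: it uses only JDK classes and reports an empty, corrupt, or expired trust store as a checked exception before any connection is attempted. The class name `PinnedSocketFactory`, the method `fromTrustStore`, and the password in `main` are hypothetical; on Android the caller would pass `"BKS"` and the raw-resource stream, then give the result to `MqttConnectOptions.setSocketFactory`.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

public final class PinnedSocketFactory { // hypothetical helper, not a Paho or Android class
    // Builds a factory that trusts only the certificates in the given trust store.
    // Expired or not-yet-valid pins are rejected here instead of during the handshake.
    static SSLSocketFactory fromTrustStore(InputStream in, String type, char[] password)
            throws IOException, GeneralSecurityException {
        KeyStore trustStore = KeyStore.getInstance(type);
        try (InputStream stream = in) {
            trustStore.load(stream, password); // IOException: wrong password or corrupt file
        }
        int pinned = 0;
        for (String alias : Collections.list(trustStore.aliases())) {
            if (trustStore.getCertificate(alias) instanceof X509Certificate) {
                ((X509Certificate) trustStore.getCertificate(alias)).checkValidity();
                pinned++;
            }
        }
        if (pinned == 0) throw new KeyStoreException("trust store holds no X.509 certificates");
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, tmf.getTrustManagers(), null); // null: default SecureRandom
        return context.getSocketFactory();
    }

    public static void main(String[] args) throws Exception {
        // Constructed input: an empty in-memory trust store, to show the failure path.
        char[] pw = "changeit".toCharArray();
        String type = KeyStore.getDefaultType();
        KeyStore empty = KeyStore.getInstance(type);
        empty.load(null, null);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        empty.store(out, pw);
        try {
            fromTrustStore(new ByteArrayInputStream(out.toByteArray()), type, pw);
        } catch (KeyStoreException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```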
 
