Commit 1d481fea authored by Daniel Schreiber's avatar Daniel Schreiber

Fix handling of certificate chain

fromi the supplied certificates from IdM choose the one which is the root certificate.
parent 010b7590
......@@ -254,6 +254,7 @@ class Helper {
static boolean buildWifiConfig(String json) {
try {
Log.d("buildWifiConfig", json);
JSONObject jObj = new JSONObject(json);
if (!jObj.has("type") || !jObj.getString("type").equals("wifi_config")) {
return false;
......@@ -466,12 +467,15 @@ class Helper {
// API >= 24 would allow us to set all certificates at once, but let's try to
// set each certificate individually to possibly work around issue #10
for (X509Certificate cert : certs) {
Log.d("createEapConfig", "Adding certificate...");
config.enterpriseConfig.setCaCertificate(cert);
// test if certificate is a root CA
if (cert.getIssuerX500Principal().equals(cert.getSubjectX500Principal())) {
Log.d("createEapConfig", "Adding CA certificate " + cert.getSubjectX500Principal().getName());
config.enterpriseConfig.setCaCertificate(cert);
}
}
config.enterpriseConfig.setAnonymousIdentity(anonymousIdentity);
//config.enterpriseConfig.setCaCertificateAlias(caCert);
//config.enterpriseConfig.setClientCertificateAlias(clientCert);
Log.d("createEapConfig", config.enterpriseConfig.getCaCertificate().getSubjectX500Principal().toString());
return config;
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment