Forgetting certs when restarting leap_android
Preconditions:
- The app has been restarted
- The provider selected is a custom provider which needs his ca.cert to be added to the Apache HTTP Client, because if not eip-service.json cannot be downloaded.
- The user has requested a log in operation (entered username and password, and touched the login button).
Desired postconditions:
- The app has started in Dashboard with previously selected provider in there. (OK)
- The new Apache HTTP Client sends correctly the SRP parameter "A" (NOK - SSLPeerUnverifiedException).
Why does this happen?
- Apache HTTP Client trusts ca.cert because eip-service.json download failed in first instance and them ProviderAPI downloaded ca.cert and added it to the Apache HTTP Client.
- If the user restarts the app, the previous client is a new one (because the good one was in memory), and since there is no need to download eip-service.json (it is already present in SharedPrefs), ca.cert is never added to the new client.
Possible solutions:
- If sending A fails because that SSLPeerUnverifiedException, get certificate from SharedPrefs and make the new client trust it.
(from redmine: created on 2013-05-01, closed on 2013-05-01)