Versions Compared

Old Version 3

changes.mady.by.user Former user

Saved on

compared with

New Version 4

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The Android agent must have the CA certificate inside the application when configuring the Secure Sockets Layer (SSL). The CA certificate is stored in a BKS (bouncycastle) file. Follow the steps given below to create and generate a BKS file: 

...

  1. Generate the BKS file:

    Info

    Ensure that you have the bcprov-jdk16-1.46.jar file in the same folder where you will be generating the BKS file before you run this command.

    Code Block
    keytool -noprompt -import -v -trustcacerts -alias 'openssl x509 -inform PEM -subject_hash -noout -in ca_cert.pem' -file ca_cert.pem -keystore emm_truststore.bks -storetype BKS -providerclass org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath bcprov-jdk16-1.46.jar -storepass 'wso2carbon'

    If you are using an SSL certificate by a trusted authority such as GoDaddy, the cert.crt defined in the command should be the interim certificate. 
    Example:

    Code Block
    keytool -noprompt -import -v -trustcacerts -alias godaddy -file cert.crt -keystore emm_truststore.bks -storetype BKS -providerclass org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath bcprov-jdk16-1.46.jar -storepass 'wso2carbon'

  2. Optionally, view the list of certificates in the BKS form using the following command:

    Code Block
    keytool -list -v -keystore "emm_truststore.bks" -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath "bcprov-jdk16-1.46.jar" -storetype BKS -storepass "wso2carbon"
  3. Copy the generated emm_truststore.bks file to the <EMM_SOURCE_HOME>/modules/mobile-agents/android/client/iDPProxy/src/main/res/raw directory and replace the original file
  4. Navigate to the Constants.java file, which is in the Android folder and configure the following:
    • Provide the HTTPS_HOST_IP as the value for the SERVER_PORT parameter.
      Example: 9443.
    • Change the SERVER_PROTOCOL to https://.
    • Provide the BKS file password as the value for the TRUSTSTORE_PASSWORD parameter.
    Code Block
    titleSample
    	public static boolean DEBUG_MODE_ENABLED = false;
	public static boolean LOCAL_NOTIFICATIONS_ENABLED = true;
	public static boolean GCM_ENABLED = false;

	public static String SERVER_IP = "";

	public static String SERVER_PORT = "9443";
	public static String SERVER_PROTOCOL = "https://";
	public static String API_VERSION = "1.0.0";
	
	public static String SERVER_APP_ENDPOINT = "/EMM/api/";

	public static String OAUTH_ENDPOINT = "/oauth2/token";
	public static String SENDER_ID_ENDPOINT = "devices/sender_id/";
	public static String IS_REGISTERED_ENDPOINT = "devices/isregistered/";
	public static String LICENSE_ENDPOINT = "devices/license/";
	public static String REGISTER_ENDPOINT = "devices/register/";
	public static String UNREGISTER_ENDPOINT = "devices/unregister/";
	public static String NOTIFICATION_ENDPOINT = "notifications/pendingOperations/";
	
	public static String SERVER_URL = SERVER_PROTOCOL + SERVER_IP + ":"
			+ SERVER_PORT + SERVER_APP_ENDPOINT;

	public static final String TRUSTSTORE_PASSWORD = "<BKS_FILE_PASSWORD>";
	public static final String EULA_TITLE = "POLICY AGREEMENT";