12-06-2024, 05:02 PM
(12-06-2024, 04:14 PM)the_bertrum Wrote:(12-06-2024, 11:05 AM)Tim Curtis Wrote: If you want to experiment modify gen-cert.sh and add the -keyout param to embed the private key in the cert (not tested). Then see if the generated cert works in Android import.
Change:
openssl req -x509 -days 3650 -config $OPENSSL_CFG_FILE -in $SSL_CSR_FILE -key $SSL_KEY_FILE -out $SSL_CRT_FILE -extensions req_ext
To:
openssl req -x509 -days 3650 -config $OPENSSL_CFG_FILE -in $SSL_CSR_FILE -key $SSL_KEY_FILE -out $SSL_CRT_FILE -keyout $SSL_CRT_FILE -extensions req_ext
Alas, same error when using a cert generated for this code. Private key required.
Personally, I think if I were to go down the https route on my own players, I'd set up my own CA and sign a cert for all my players using that. It isn't a great deal more work than getting self signed certs into various stores and having them trusted (still can't get my linux mint installation to accept one either).
ITs prolly some sort of cert format issue. I'll look into it more deeply when time permits, or if anyone else wants to dig into it don't hesitate :-)