SSL Certs and Android

Android Question here!

I have a server that requires an SSL cert. If I import the cert into the Android keystore (the one that is created for release signing), then I can access the server no problem, otherwise I cant access the server.

I understand that if the release signing keystore is changed, then you cant update your app. So my question is… if I’m ship my app with my client cert imported in my keystore, then ONLY change the client cert down the road like a year or 2 from now… Will apps be able to update? Or will Google Play see my app as a different app even though I didnt tamper with the password for the keystore itself, only replaced the client cert inside…

Anyone have the answer to this?
Thanks!!!

Huh, how does that work?

@Sujan12 I just imported the client cert into the keystore and it works (cant find the post now but there was a thread somewhere that said to do this), perhaps under the hood the same keystore is being used for SSL? Do you know this works? And if so do you have a recommended approach to connecting Android devices to a server that requires a client cert for ssl?

No idea - that’s why I’m curious.

haha no worries, I didnt know what I was talking about. There must have been some coincidence with my first release build to where internet was down and I thought it was related to a client cert. After generating a new keystore without adding any certs, tested again and everything was good. Sorry for the confusion lol.

I was confused myself because it didnt seem right… but after adding the cert it worked… but that prob had nothing to do with anything!

1 Like

yeah it would be strange if you need the ssl cert on your computer everytime you try to open a https-address :smile:

Strange that this is even possible… adding an https-certificate to the keystore Oo

1 Like