• Object Storage Service

obs
  1. Help Center
  2. Object Storage Service
  3. Developer Guide (Android SDK)
  4. Initialization
  5. Configuring Server-Side Certificate Verification

Configuring Server-Side Certificate Verification

OBS Android SDK supports server-side certificate verification to ensure that OBS is provided by trusted servers. The following details how to configure server certificate verification in Windows. (In Linux, replace %JAVA_HOME% with $JAVA_HOME.)

  1. Obtain the root certificate of the OBS server (for example, open Internet Explorer and choose Internet Options > Content > Certificates to export the certificate) and save it by the name of obs.cer.
  2. Run the %JAVA_HOME%/bin/keytool -import -alias obs -file obs.cer -storepass password -keystore keystore_location command. When the system prompts you to identify whether the certificate is trustworthy, enter Y.
  3. Run the %JAVA_HOME%/bin/keytool -list -v -alias obs -storepass password -keystore keystore_location command to check whether the certificate is successfully imported.
  4. Modify the configuration code for creating an instance of ObsClient by adding the following code:

    ObsConfiguration config = new ObsConfiguration();
    
    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());  
    char[] pwd = "password".toCharArray();  
    FileInputStream fis = new FileInputStream("keystore_location");  
    ks.load(fis, pwd);  
    trustManagerFactory.init(ks);
    config.setTrustManagerFactory(trustManagerFactory);
    
    // Use HTTPS.
    config.setHttpsOnly(true);
    // Enable server-side certificate verification.
    config.setValidateCertificate(true);