I am not an expert on keystores and have a hard time understanding the nuances of this but this is how far I got:
In creating a xmpp-connection using the asmack build found here one still has to change the truststore, which usually, so say multiple sources on the web, is done using these commands
ConnectionConfiguration config = new ConnectionConfiguration(host, Integer.parseInt(port), service);
config.setTruststorePath("/system/etc/security/cacerts.bks");
config.setTruststorePassword("changeit");
config.setTruststoreType("bks");
XMPPConnection connection = new XMPPConnection(connConfig);
connection.connect();
This works find for older Android versions but under ICS they changed some things and now it does not anymore.The path now is diferent.
Apparently this can be fixed but I have no earthly idea how.
What is needed, obviously, is a method that returns the path depending on SDK version that returns the needed string to set the sdk-path since you can not just return the keystore itself to the xmpp-connection.
In reference to this that method would look like this:
private String getTrustStorePath()
{
String path = System.getProperty("javax.net.ssl.trustStore");
if (path == null)
{
if ( Build.VERSION.SDK_INT >= 14 )
{
//THIS IS THE PART I DONT KNOW
path="";
}
else
{
path = "/system/etc/security/cacerts.bks";
}
return path;
}
Here a commenter says that under Android "4.x; /etc/security/cacerts.bks was replaced with the directory/etc/security/cacerts/ containing the certs as individual PEM encoded files." however, I do not know what relevance, if any, this has.
I have also checked out the code of two projects using xmpp and asmack (gtalksms and yaxim but did not see how they avoid this problem.