How To Trust Self Signed Certificate On Android?

I have generated self signed certificate for my server. Then added it to Android with Settings -> Security -> Install. When I'm trying to connect to my server from the applic

Solution 1:

It is important to Android that when you generate your self-signed certificate, you mark it as a Certificate Authority in order to empower it to certify certificates — even if only to sign itself and so certify that it is itself.

This is done in the basicConstraints extension, declaring CA:TRUE instead of the default CA:FALSE. When you import a certificate so marked, Android will consider it a user-installed root certificate, and you should be able to see it under Credential storage → Trusted credentials → USER.

However, a certificate having this bit is a mighty power, and such certificates have been used by nefarious tools to spy on supposedly encrypted user communication in the past. Accordingly, these days, Google Play Protect will want to have a word with the user when this kind of CA certificate is in force.

Solution 2:

This example has two code paths https://stackoverflow.com/a/70543735/1542667

Firstly adding to the network security config, and secondly adding in the okhttp client.