This is a follow up question related to this answer.
In short: I am importing the Root CA certificate into android system via
Settings -> Security -> Trusted Credentials -> install from SD
path slightly differs on different android versions.
Then point any browser (tested with Firefox, chrome and opera) to the secure (java script based) resource and I receive a socket error. The resource is an index.html with js web-socket logic to securely connect to a mosquitto broker.
If I on the other hand point the browser to "https://myserver:<mysecure port>"
I receive a privacy warning, can continue unsafe and this somehow sets a cookie or other storage thing thus I am able to do future requests over the js based secure resource.
How to accomplish browser based requests on android without accepting unsafe privacy risks?
Go to Source
Author: woodz