Fix client certificate-only usage

2024-04-22 00:59:19 +02:00
parent 79584c85c1
commit 60946e4e1e
1 changed files with 12 additions and 4 deletions
--- a/app/src/main/kotlin/com/github/gotify/api/CertUtils.kt
+++ b/app/src/main/kotlin/com/github/gotify/api/CertUtils.kt
@@ -66,6 +66,7 @@ internal object CertUtils {
                )
                if (tempKeyManagers.isNotEmpty()) {
                    keyManagers = tempKeyManagers
+                    customManagers = true
                }
            }
            if (!settings.validateSSL) {
@@ -75,10 +76,17 @@ internal object CertUtils {
            if (customManagers || !settings.validateSSL) {
                val context = SSLContext.getInstance("TLS")
                context.init(keyManagers, trustManagers, SecureRandom())
-                builder.sslSocketFactory(
-                    context.socketFactory,
-                    trustManagers!![0] as X509TrustManager
-                )
+                if (trustManagers != null) {
+                    // Use custom trust manager
+                    builder.sslSocketFactory(
+                        context.socketFactory,
+                        trustManagers[0] as X509TrustManager
+                    )
+                } else {
+                    // Fall back to system trust managers
+                    @Suppress("DEPRECATION")
+                    builder.sslSocketFactory(context.socketFactory)
+                }
            }
        } catch (e: Exception) {
            // We shouldn't have issues since the cert is verified on login.