This documentation is for WSO2 IoT Server 3.1.0. View the documentation for the latest release.
Page Comparison - Generating a BKS File for Android (v.8 vs v.9) - IoT Server 3.1.0 - WSO2 Documentation

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Generate the BKS file:

    Info

    Make sure to generate the BKS file into the same folder that has the bcprov-jdk16-1.46.jar file before running the command given below. Else, you get the error given below:

    Code Block
    keytool error: java.lang.ClassNotFoundException: org.bouncycastle.jce.provider.BouncyCastleProvider
    java.lang.ClassNotFoundException: org.bouncycastle.jce.provider.BouncyCastleProvider
    	at java.net.URLClassLoader.findClass(URLClassLoader.java:381)
    	at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
    	at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
    	at sun.security.tools.keytool.Main.doCommands(Main.java:673)
    	at sun.security.tools.keytool.Main.run(Main.java:343)
    	at sun.security.tools.keytool.Main.main(Main.java:336)
    Localtab Group
    Localtab
    titleUsed the change-ip script for step 1.
    Panel
    borderColor#11375B
    bgColor#ffffff
    borderWidth1
    Code Block
    keytool -noprompt -import -v -trustcacerts -alias wso2carbon -file c.crt -keystore truststore.bks -storetype BKS -providerclass org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath bcprov-jdk16-1.46.jar -storepass 'wso2carbon'
    Localtab
    titleHaven't used the change-ip script for step 1.
    Panel
    borderColor#11375B
    bgColor#ffffff
    borderWidth1
    Code Block
    keytool -noprompt -import -v -trustcacerts -alias wso2carbon -file ca_cert.pem -keystore truststore.bks -storetype BKS -providerclass org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath bcprov-jdk16-1.46.jar -storepass 'wso2carbon'

    If you are using an SSL certificate by a trusted authority such as GoDaddy, the cert.crt defined in the command should be the interim certificate.  

    Example:

    Code Block
    keytool -noprompt -import -v -trustcacerts -alias godaddy -file cert.crt -keystore truststore.bks -storetype BKS -providerclass org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath bcprov-jdk16-1.46.jar -storepass 'wso2carbon'
  2. Optionally, view the list of certificates in the BKS form using the following command:

    Code Block
    keytool -list -v -keystore "truststore.bks" -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath "bcprov-jdk16-1.46.jar" -storetype BKS -storepass "wso2carbon"
  3. Copy the generated truststore.bks file to the <ANDROID_AGENT>/client/iDPProxy/src/main/res/raw directory and replace the original file. 
  4. Navigate to the <ANDROID_AGENT>/client/client/src/main/java/org/wso2/iot/agent/utils/Constants.java file, and configure the following:
    • Provide the HTTPS_HOST_IP as the value for the API_SERVER_PORT parameter.
      Example: 9443.
    • Change the SERVER_PROTOCOL to https://.
  5. Configure the following files to get SSL to work on the Android agent:

    Info

    Configure the build release you want to compile to get the customized agent. For example, you can build the release, debug, staging or standalone build releases to meet your requirement.

    1. Configure the SERVER_PROTOCOL property to https in the client/iDPProxy/build.gradle file.

      Code Block
      buildConfigField "String", "SERVER_PROTOCOL", "\"https://\""
    2. Configure the DEFAULT_HOST property with the server URL in the client/client/build.gradle file.
      Example:

      Code Block
      buildConfigField "String", "DEFAULT_HOST", "\"https://10.10.10.192:8243\""
      Info

      After this configuration, the Android agent skips the following server URL entering screen during enrollment. 

  6. Navigate to the <ANDROID_AGENT>/client/iDPProxy/src/main/java/org/wso2/iot/agent/proxy/utils/Constants.java file, and provide the BKS file password as the value for the TRUSTSTORE_PASSWORD parameter.