[pve-devel] [PATCH pve_flutter_frontend v2 1/1] fix: android: add network config to support custom certificates
Shan Shaji
s.shaji at proxmox.com
Thu Sep 4 12:09:54 CEST 2025
Apps targeting Android 6 (API level 23) and lower trust the user added
CA store by default. However, apps targeting > API level 23 need to
explicity mention trust anchor in the security configuration [0] to
trust user installed certificates.
[0] - https://developer.android.com/privacy-and-security/security-config#manifest
References:
- https://developer.android.com/privacy-and-security/security-config#CustomTrust
- https://developer.android.com/privacy-and-security/security-config#ConfigInheritance
- https://developer.android.com/privacy-and-security/security-config#trust-anchors
- https://developer.android.com/privacy-and-security/security-config#certificates
Signed-off-by: Shan Shaji <s.shaji at proxmox.com>
---
android/app/src/main/AndroidManifest.xml | 3 ++-
android/app/src/main/res/xml/network_security_config.xml | 9 +++++++++
2 files changed, 11 insertions(+), 1 deletion(-)
create mode 100644 android/app/src/main/res/xml/network_security_config.xml
diff --git a/android/app/src/main/AndroidManifest.xml b/android/app/src/main/AndroidManifest.xml
index b699752..66135eb 100644
--- a/android/app/src/main/AndroidManifest.xml
+++ b/android/app/src/main/AndroidManifest.xml
@@ -5,7 +5,8 @@
<application
android:label="Proxmox Virtual Environment"
- android:icon="@mipmap/ic_launcher">
+ android:icon="@mipmap/ic_launcher"
+ android:networkSecurityConfig="@xml/network_security_config">
<activity
android:name="com.proxmox.app.pve_flutter_frontend.MainActivity"
diff --git a/android/app/src/main/res/xml/network_security_config.xml b/android/app/src/main/res/xml/network_security_config.xml
new file mode 100644
index 0000000..37a8e3f
--- /dev/null
+++ b/android/app/src/main/res/xml/network_security_config.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8"?>
+<network-security-config>
+ <base-config>
+ <trust-anchors>
+ <certificates src="system"/>
+ <certificates src="user"/>
+ </trust-anchors>
+ </base-config>
+</network-security-config>
\ No newline at end of file
--
2.47.2
More information about the pve-devel
mailing list