Uploaded image for project: 'Titanium SDK/CLI'
  1. Titanium SDK/CLI
  2. TIMOB-20431

Android: Google Play security alert for insecure TrustManager

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: Release 5.1.2
    • Fix Version/s: None
    • Component/s: Android
    • Environment:

      OSX YOSEMITE 10.10.5
      Android SDK 4.4
      Appcelerator Studio 4.3.0

    • Sprint:
      2016 Sprint 06 SDK

      Description

      Few days ago is appeared this message in google developer console for an app that i published several months ago:
      _Security alert
      Your app is using an unsafe implementation of the X509TrustManager interface with an Apache HTTP client, resulting in a security vulnerability. Please see this Google Help Center article for details, including the deadline for fixing the vulnerability. Please address this issue as soon as possible and increment the version number of the upgraded APK. Beginning May 17, 2016, Google Play will block publishing of any new apps or updates containing the unsafe implementation of the interface X509TrustManager._

      https://support.google.com/faqs/answer/6346016

      In my app i dont use https connections but simple http.

      How can fix this problem?

      Thank you in advance for reply

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                hpham Hieu Pham
                Reporter:
                luk3luk3 Luca Sartori
                Reviewer:
                Ashraf Abu (Inactive)
              • Watchers:
                79 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Git Source Code