How to add custom trust manager?

[imanushin]

I'm trying to add a custom trust manager to have an ability of API usage in a case when different trust managers are required to connect to different services from the same process. I don't want just adding an option "ignoreTls", because that will be too insecure.

As far as I understand, all settings must be json serializable. Of course interface X509TrustManager can't be serialized.

In fact, to put a custom X509TrustManager, I have to put a custom SSLSocketFactory (this is okhttp limitation - please check method sslSocketFactory), so these settings must go in pairs.

What would be the best option to add these settings? I can exclude them from json serialization (so, they could be added only manually) for example, or probable they could be added as a separate runtime parameter (however - how? do we have this option at all?).

Alternatively, the trust manager can be built on-the-fly if we request trusting certificates (in base64) and build our own one, however that might be close to reinventing the wheel.

[nireekshak]

Hi @imanushin, Thank you for raising this! I’ve escalated the issue to the team regarding the settings added to the custom TrustManager. I’ll provide an update as soon as I have more information.