WebView with SSL Client Certificate on Android 4 ICS

Question

I have a problem with the native WebView on Android. I need to authenticate with a site using a SSL Client Certificate. The Android WebView doesn't seem to support this. As a workaround I used a modified version of the WebView:

https://github.com/yonekawa/webview-with-client-certificate

The modified WebView works by injecting a properly configured SslSocketFactory into the standard Android WebView. This works fine on Android 2.x devices. However, with Android 4 ICS it doesn't work anymore. The SslSocketFactory is still there in ICS, however, it seems that it isn't used anymore.

So my question is: has anyone succeeded in configuring the Android WebView on ICS so that it works with a client certificate? Or is there any alternative?

What I already tried:

• importing the SSL client certificate into the Android keystore and just using the WebView without any modification. This doesn't work, the client certificate is not sent along with the requests. It works in the native browser, though.

• creating the SSL connection myself using HttpClient, getting the HTML of the site and handing it to the WebView. This basically works, but I need to intercept all requests made by the WebView and handle them myself. However, the WebView doesn't provide the data of POST requests, which makes this approach unusable for me.

Answer 1

I think what you want is overriding the following hidden method:

public void onReceivedClientCertRequest(WebView view,
ClientCertRequestHandler handler, String host_and_port) {

By default this will cancle the request.

I have used this method following this example for using hidden APIs: http://devmaze.wordpress.com/2011/01/19/using-com-android-internal-part-5-summary-and-example/

Sorry for the late answer. Just stumbled upon your question... Hope it still helps.