Home Network SSL Checker
Checks if your server is reachable and presents the correct SSL certificate
Olaf Titz · de.inka.bigred.homenetchecker
UpdatedMay 16, 2018
PublishedMay 16, 2018
Packagede.inka.bigred.homenetchecker
MD5df58484cb01eee290ada0238ca34de13
SHA1 (signer)00:D2:20:74:79:67:33:76:7A:C7:C1:D6:F5:F2:49:EB:FA:A6:20:58
Signed byCN=Olaf Titz, O=private developer, L=Munich, C=DE
Malware scanTRUSTED
Contact[email protected]
What's new
[1.5]
KitKat compatibility: Require additional permission to read a certificate file from USB storage.
Now uses file manager to find certificates if none found internally.
Added high-resolution images.
[1.4]
Configuration option to not display a notification for "single-red".
Note: on reboot, under some circumstances, the widget won't start. That's a documented Android restriction.
Tap on the widget and "Check now" when it remains grey.
KitKat compatibility: Require additional permission to read a certificate file from USB storage.
Now uses file manager to find certificates if none found internally.
Added high-resolution images.
[1.4]
Configuration option to not display a notification for "single-red".
Note: on reboot, under some circumstances, the widget won't start. That's a documented Android restriction.
Tap on the widget and "Check now" when it remains grey.
Description
The standard Android applications for mail, calendar, contacts etc. can synchronize against SSL-protected servers but have no option to check their certificate. Basically, it is possible to either check if the certificate is issued by one of the standard (before Android 4.0, not user-editable) CAs, or not check them at all. This is not enough to reliably assert the identity of the server, which presents the risk of giving sensitive information (account passwords) to the wrong server. This problem is especially important when the server is on a semi-permament connection and found via dynamic DNS, uses self-signed or private-CA certificates, or when using public WiFi hotspots (which are rather trivial to fake and therefore are a regular MitM-attack vector).
This app checks in configurable intervals if a given HTTPS URL is reachable and the server identifies itself with the right certificate. It consists of a home screen widget displaying the status with colored "signal lights":
* green, if the connection is okay
* yellow, when a check is underway
* red, when the server is unreachable
* double red, when the server gives errors or fails certificate checking
* small white, when checking is not needed
When checking and when an error happens, the global synchronization setting is turned off. This way you should be reasonably safe that the synchronization does not try to connect to a server whose identity is not verified, given it is the same server as the one you check.
This is an open source (GPL) app. Source and further documentation is available via my Web site.
Permissions needed:
INTERNET - connect to your server (nowhere else)
ACCESS_NETWORK_STATE - determine your connection (WLAN, mobile...) to find out if checking is needed
READ_SYNC_SETTINGS, WRITE_SYNC_SETTINGS - turn sync off on checking or error
RECEIVE_BOOT_COMPLETED - automatic start (if possible, depending on Android version)
READ_EXTERNAL_STORAGE - read certificates from memory or SD card
This app checks in configurable intervals if a given HTTPS URL is reachable and the server identifies itself with the right certificate. It consists of a home screen widget displaying the status with colored "signal lights":
* green, if the connection is okay
* yellow, when a check is underway
* red, when the server is unreachable
* double red, when the server gives errors or fails certificate checking
* small white, when checking is not needed
When checking and when an error happens, the global synchronization setting is turned off. This way you should be reasonably safe that the synchronization does not try to connect to a server whose identity is not verified, given it is the same server as the one you check.
This is an open source (GPL) app. Source and further documentation is available via my Web site.
Permissions needed:
INTERNET - connect to your server (nowhere else)
ACCESS_NETWORK_STATE - determine your connection (WLAN, mobile...) to find out if checking is needed
READ_SYNC_SETTINGS, WRITE_SYNC_SETTINGS - turn sync off on checking or error
RECEIVE_BOOT_COMPLETED - automatic start (if possible, depending on Android version)
READ_EXTERNAL_STORAGE - read certificates from memory or SD card
Required features
- Touchscreen android.hardware.touchscreen
Permissions (6)
Home Network SSL Checker requests the following Android permissions:
- Access Network State android.permission.ACCESS_NETWORK_STATE
- Internet android.permission.INTERNET
- Read External Storage android.permission.READ_EXTERNAL_STORAGE
- Read Sync Settings android.permission.READ_SYNC_SETTINGS
- Receive Boot Completed android.permission.RECEIVE_BOOT_COMPLETED
- Write Sync Settings android.permission.WRITE_SYNC_SETTINGS
