Neil: thanks for getting back to me.
I can’t imagine that this could be a result of installing KoBo. It just doesn’t have any effect on SSL certificates.
Let me understand, you are visiting sites in your phones web browser and your browser is complaining about the certificates?
Is there any reason, other than the timing, to suggest it has something to do with KoBo?
Not really - though the timing was a bit specific. The Android device with the problem is running 2.2.2, while a near-identical device running 2.3.3 interacts fine with my SSL server.
The only difference between the two devices apart from the Android version is that one had Kobo Collect installed on it, and the other had the ODK Collect app installed.
I’m pretty sure I had succesfully tested both devices with ODK Collect before installing Kobo Collect, but of course it’s possible that I’m remembering that wrongly, and that the problem device hadn’t previously been successfully tested with ODK Collect. I can’t recreate the original test situation without factory-setting my phone, which is a lot of hassle - so let’s assume I’m mistaken.
Apologies that I may have thrown you a red herring.
One suggestion, though - since non-rooting Android users depend on the device supplier to keep the list of recognised cert authorities updated, and since the suppliers have no vested interest in doing this because they want to sell you a new phone every week (!), would you consider changing the Collect app to make the cert error non-fatal?
In other words, if Collect finds that it’s talking to an SSL server which presents a cert from an unrecognised authority, rather than just stopping, could it tell me there’s a problem with the cert but offer the user a manual override option to (a) continue at their own risk, and (b) ideally to store the cert as a permanent exception?
That’s how most browsers handle the situation, and it seems a sensible route. I note that the in-built Android browser on my device doesn’t allow me to store permanent exceptions like other browsers do, but it does allow me to accept the cert and continue without further warnings during that session.
Thanks
Nik