SAP Fiori Client Guide


Task overview: Using the X.509 Certificate Provider Interface to Integrate with Third-Party Certificate Providers

Building and Running an Android Project

Build and run an Android project for an X.509 certificate provider.

Context

This task references the sample provider project. Alternately, you can use these steps to build your own certificate provider project. The sample CertificateFromFileProvider project and the sample Hybrid SDK (Kapsel) application are available for download at https://github.com/SAP/mobilesdk-certificateproviderInformation published on non-SAP site in the Android/CertificateFromFileProvider subfolder.

Procedure

  1. Create a Hybrid SDK (Kapsel) application with the Logon plugin with the following steps: 
    cordova create X509KapselSample X509KapselSample com.sample.x509
cordova platform add android
cordova -d plugin add com.sap.mp.cordova.plugins.logon –searchpath {YourKapselSDKPluginInstallationFolder}\plugins
cordova -d prepare android

    Replace the index.html in the www folder with the index.html in the X509FileCertificateProvider/resource folder.

  2. Create an Android project with the source files CustomKeyManager.java and FileCertificateProvider.java from mobilesdk-certificateprovider/Android/CertificateFromFileProvider.
  3. The sample provider depends on the CommonCertificateProvider jar file, which can be found in the <kapsel sdk root>\plugins\logon\android\libs\ directory.
  4. Build the project, and verify that a jar file is created.
  5. Add the jar file from step 4 to the libs folder of the Hybrid SDK (Kapsel) application.
  6. Optionally, you can add the following line to the config.xml file in the root of the Hybrid SDK (Kapsel) project: 
    <preference name="SAPKapselHandleHttpRequests" value="true" />

    This line makes the AuthProxy plugin handle all network requests. If AuthProxy gets an X.509 challenge, it will attempt to get a certificate from the Logon plugin (which will supply the certificate from the provider to AuthProxy). If this preference is not set, then requests must be made through the AuthProxy API to make use of the certificate from the provider.

  7. Add a line in AndroidManifest.xml: 
    <meta-data android:name="certFromFileProvider" android:value="com.example.certificatefromfileprovider.CustomCertificateProvider" />

    Insert this tag inside the application tag, like this:

    <application...>
<meta-data android:name="certFromFileProvider" android:value="com.example.certificatefromfileprovider.CustomCertificateProvider" />
<other tags...>
</application>

    The value in the tag you are adding must match the classpath and name of the class that implements the CertificateProvider interface. If you are using the file provider sample, it is as above. If you are implementing your own provider, verify that it matches your class. Use a short, unique descriptive name for the android:name.

  8. Modify the index.html so that the appConfig and the smpConfig are correct for your environment.
  9. Build the Hybrid SDK (Kapsel) project with the command cordova build. Verify that the application can register with the SAP Mobile Platform Server.

Task overview: Using the X.509 Certificate Provider Interface to Integrate with Third-Party Certificate Providers