In Android, is it possible to set up a keystore and truststore for an SSL socket using
System.setProperty("javax.net.ssl.keyStore","theKeystoreFilename");
System.setProperty("javax.net.ssl.trustStore","theTruststoreFilename");
Or should I make a Keystore object instead? If so, where should I put the keystore file? In assets?
No, android doesn't use those properties. Also you can't really set system-wide properties from an app, so this doesn't make much sense. Create KeyStore objects and load/add certificates as needed. If the set of trust anchors is static, you can store the raw file in assets. Storing keys is not really a good idea, since anyone can extract the.