Truststore validation in ATAK

[jasonmhite]

First off, very cool project. Has been much easier to get set up with than some of the other TAK related projects and I'm having fun digging in.

That said, I'm struggling a bit with SSL and could use some guidance. I've tried just about everything, and I can successfully connect over SSL to goatak in ATAK. It connects and seems to be able to communicate, however it constantly nags me with this warning:

I've tried following the self-signed CA in the docs and also modifying it to use my own trusted CA installed on my devices. Both connect and are talking to goatak, I can even send data back and forth. But I can't get it to be happy with the truststore and make it stop with that annoying message pop up every time.

I will also note that I can't seem to get certificate enrollment to work despite setting up the external validation through a reverse proxy using a certificate I signed with my trusted CA (which is also trusted by the system running goatak).

[kdudkov]

didn't test self-signed certs for a while - may be it's a new validation in client. What version of ATAK do you use?

[jasonmhite]

I tried the self-signed setup you have in the documentation as well as generating them using my own valid CA that is installed on all devices, both give me the error.

ATAK version is the latest, 5.2.0.3. I haven't tried it on an older version, I probably could.