Http request action streamlined to also cover the insecure setting in the same function.

app/src/main/java/com/jens/automation2/Action.java

@@ -769,10 +769,10 @@ public class Action
 	    		Miscellaneous.logEvent("i", "HTTP Request", "Attempt " + String.valueOf(attempts++) + " of " + String.valueOf(Settings.httpAttempts), 3);
 
 				// Either thorough checking or no encryption
-				if(!Settings.httpAcceptAllCertificates || !urlString.toLowerCase(Locale.getDefault()).contains("https"))
+//				if(!Settings.httpAcceptAllCertificates || !urlString.toLowerCase(Locale.getDefault()).contains("https"))
 					response = Miscellaneous.downloadURL(urlString, urlUsername, urlPassword, method, httpParams);
-				else
+//				else
-					response = Miscellaneous.downloadUrlWithoutCertificateChecking(urlString, urlUsername, urlPassword, method, httpParams);
+//					response = Miscellaneous.downloadUrlWithoutCertificateChecking(urlString, urlUsername, urlPassword, method, httpParams);
 
 				try
 				{

app/src/main/java/com/jens/automation2/Miscellaneous.java

@@ -92,6 +92,7 @@ import java.security.KeyManagementException;
 import java.security.KeyStore;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
 import java.text.DateFormat;
@@ -135,6 +136,27 @@ public class Miscellaneous extends Service
 
 	public static final String lineSeparator = System.getProperty("line.separator");
 
+	public static class TrustAllCertificates implements X509TrustManager
+	{
+		@Override
+		public void checkClientTrusted(X509Certificate[] chain, String authType)
+		{
+			// Do nothing (trust all clients)
+		}
+
+		@Override
+		public void checkServerTrusted(X509Certificate[] chain, String authType)
+		{
+			// Do nothing (trust all servers)
+		}
+
+		@Override
+		public X509Certificate[] getAcceptedIssuers()
+		{
+			return new X509Certificate[0]; // No accepted issuers
+		}
+	}
+
 	public static String downloadURL(String url, String username, String password, String method, Map<String, String> httpParams)
 	{
 		HttpClient httpclient = new DefaultHttpClient();
@@ -151,6 +173,18 @@ public class Miscellaneous extends Service
                 if(url.toLowerCase().contains("https"))
 				{
 					connection = (HttpsURLConnection) urlObject.openConnection();
+					if(Settings.httpAcceptAllCertificates)
+					{
+						SSLContext sslContext = SSLContext.getInstance("TLS"); // Use "TLS" (not "SSL" which is outdated)
+						sslContext.init(
+								null, // No KeyManager (client authentication not needed)
+								new TrustManager[]{new TrustAllCertificates()}, // Use our trust manager
+								new SecureRandom() // Secure random number generator
+						);
+						((HttpsURLConnection)connection).setSSLSocketFactory(sslContext.getSocketFactory());
+						((HttpsURLConnection)connection).setHostnameVerifier((hostname, session) -> true); // Trust all hostnames
+
+					}
 				}
                 else
                 	connection = (HttpURLConnection) urlObject.openConnection();

fastlane/metadata/android/en-US/changelogs/147.txt

@@ -1 +1,2 @@
 * Added: Added further options to the trigger url action.
+* Added: Gradle and libraries updated.