alt text

This is an ongoing research topic with CrypSafe, the Media MicroCloud and all mobile web servers using the HTTPS protocol. This article explains why the warning appears and how you can confirm that your browser is truly connected to the mobile server you think it is.

The Problem Defined
When you click on a https link or key a URL starting with https into a web browser, the browser inspects the public key certificate that is used to prove ownership of a public key. It further confirms the identity of a domain or specific computer.

When all is well, there are no warnings and you get a nice little green “https” starting your URL, life is good. When things are not quite right, warnings appear and the user has to decide if they want to continue to the site or abort.

Here is the core problem. When a user connects to a web-app, the browser tries to confirm it is connecting to a known computer. Security certificates are designed for a computer with a fixed IP address or a fixed domain name, and the mobile smartphone computer has neither. You can’t assign a domain name to your smartphone and you can’t give your smartphone a fixed IP address.

Unfortunately, until research can resolve this problem, we need to live with it. Communications will still be encrypted but warnings will continue to persist, unless you add the certificate to your keystore.

How To Confirm You Are Connected To The Right Computer
There are two steps:

  1. Observe the IP address you are connecting to in the web browser and
  2. Confirm that it is the same address assigned to the smartphone.

CrypSafe Two Step IP Check

alt text

MediaMicroCloud Two Step IP Check

alt text

Note that communications are still be encrypted with CrypSafe and the Media MicroCloud. Examine the certificate and you can confirm communications are encrypted. It is just that the browser cannot confirm the identity of the host computer.