See Also: SSLCertificateSocketFactory Members
SSLSocketFactory implementation with several extra features:
Most Javax.Net.Ssl.SSLSocketFactory implementations do not verify the server's identity, allowing man-in-the-middle attacks. This implementation does check the server's certificate hostname, but only for createSocket variants that specify a hostname. When using methods that use Java.Net.InetAddress or which return an unconnected socket, you MUST verify the server's identity yourself to ensure a secure connection.
One way to verify the server's identity is to use Javax.Net.Ssl.HttpsURLConnection.DefaultHostnameVerifier to get a Javax.Net.Ssl.IHostnameVerifier to verify the certificate hostname.
On development devices, "setprop socket.relaxsslcheck yes" bypasses all SSL certificate and hostname checks for testing purposes. This setting requires root access.