# ktor
a
I am trying to set up an HTTPS ktor server running on my Android app. I don't have a central server, so I want every app to generate its own self-signed certificate, but I can't seem to figure this out. I use this for my keyStore:
```kotlin
val keyStore = KeyStore.getInstance(KeyStore.getDefaultType())
keyStore.load(null, null)
```
and this to set up the server:
```kotlin
val environment = applicationEngineEnvironment {
    sslConnector(
        keyStore = keyStore,
        keyAlias = "",
        keyStorePassword = { "".toCharArray() },
        privateKeyPassword = { "".toCharArray() }
    ) {
        port = SERVER_HTTPS_PORT
    }
    module {
        routing {
            // ...
        }
    }
}
```
However, when I run the app I get
```
java.lang.NullPointerException: connector.keyStore.getCe…Chain(connector.keyAlias) must not be null
	at io.ktor.server.netty.NettyChannelInitializer.<init>(NettyChannelInitializer.kt:54)
	at io.ktor.server.netty.NettyApplicationEngine.createBootstrap(NettyApplicationEngine.kt:182)
	at io.ktor.server.netty.NettyApplicationEngine.access$createBootstrap(NettyApplicationEngine.kt:30)
	at io.ktor.server.netty.NettyApplicationEngine$bootstraps$2.invoke(NettyApplicationEngine.kt:163)
	at io.ktor.server.netty.NettyApplicationEngine$bootstraps$2.invoke(NettyApplicationEngine.kt:162)
```
The error seems to be that ktor expects to have some key alias, however the Android Keystore afaik has none. Was anyone able to get this working?
a
How do you import the key to the keystore or how do you generate entries in the keystore?
a
@Aleksei Tirman [JB] I don't, this is all the code I am using right now. First time using keystores and whatnot, so probably I am missing something here.
Currently checking online on how to do what you mentioned.
Kind of off-topic but still relevant: I noticed how ktor has a nice buildKeyStore function but it doesn't work on Android. Do you happen to know if there is anything similar that might work for both Android and JVM?
a
I don't think there is a solution that works both on Android and JVM. You need to find out how to generate self-signed certificates on Android in the code.
a
Alright. I'll see if I can figure out how to add keys to the keystore as you said. Thanks for the pointer, Aleksei.
@Aleksei Tirman [JB] I think I sorted it out. I copy-pasted the buildKeyStore{} functionality from ktor and updated the keystore's keytype to use the default one.
Do you know why ktor uses "JKS"? Is there something special about that one?
a
What do you mean by "JKS"?
a
The reason why buildKeyStore {} doesn't work on Android is because Android does not support "JKS". It's a type you pass to:
```kotlin
val store = KeyStore.getInstance("JKS")!!
```
See the build() part of buildKeyStore{}; at that line, Android throws a:
```
Caused by: java.security.KeyStoreException: JKS not found
```
If you replace that with
```kotlin
val store = KeyStore.getInstance(KeyStore.getDefaultType())!!
```
it works on Android.
I think that's how it should be by default on ktor, but I am no security/keystore expert. I just think Android devs shouldn't have to worry about this. Too hidden.
Al opened a PR for this 🙂 https://github.com/ktorio/ktor/pull/3854
k
Hey, is there any chance you guys can add support for Android Keystore in the Ktor engine? I am running into an issue where if I send an Android Keystore, Netty is trying to extract my private key, which is not allowed by Android Keystore. Why does Netty need to extract it and create its own Keystore? I basically have the same issue as in here. Unfortunately, removing the "BC" provider is not an option since we are using Android Keystore for security reasons. Let me know if you guys have any suggestions. I would appreciate some help on this.
a
@Kivia Brito, can you please file an issue to address this problem?
k
Created, thanks for the quick response. https://youtrack.jetbrains.com/issue/KTOR-7341/Add-support-for-Android-Keystore-in-Ktor Do you guys have a timeline for this? I am asking because I am working on a project that depends on this. I would need something working by the end of November, otherwise I will probably have to figure out another solution or put the project at risk. Just trying to find out my options here. Thanks again.