How can the client know if the SSL certificate specified in the service-config.xml file is invalid/untrusted/expired? For example using iOS client, the trusted certificate will not work and the client has no way to know that the certificate is untrusted. Can the lcds server return any specific exceptions for SSL errors?
We use a standard Java keystore and certificate validation can be handled as per standard best practices. At present we do not provide a hook point to validate the server certificate. However, you can register a bootstrap service which validates the certificate on system startup: http://help.adobe.com/en_US/dataservicesjee/4.6/Developing/WSc3ff6d0ea77859461172e0811f00f 6fe7f-7ffeUpdate.html This would require you to pass another copy of the keystore configuration to you Bootstrap service and then you can inspect the certificate in the keystore and validate it.