Attempt to load the new letsencrypt x1 and x2 certs.

[notandyvee]

What

This PR fixes an SSL issue, Error: javax.net.ssl.SSLHandshakeException. Many users on Android 6 and 7 for simplenote cannot login. Michal did a great investigation on this here. Digging into the the reasoning, more info can be found here.

A quick TL;DR of what happened is, most clients come with pre-installed trusted certificates for SSL. People on older devices, Android 7 and earlier for example, do not have the updated list of trusted certificates. Letsencrypt wants to stop relying on cross-signed certificates, thus they ended support for it. But this means any clients without these new self-signed certificates will start having ssl issues.

The Fix

The fix is two parts.

1. We need to store the new certificates in our app.
2. We need to apply this new certificate when making network calls.

For the certificates part, you can get them directly on letsencrypt.com. They are added in the raw resources directory directly as PEM files.

For the network calls this was a bit tricker. Originally I was going to use a similar process that Michal used with the network_security_configuration.xml file. This is the simplest and most straightforward approach. But I ran into a problem. We support a min SDK of 23. Security configuration file support wasn't added until SDK 24 😢 . Sadly we have to load the certificates manually. So it made sense to programmatically do this for Android APIs < 25. Meaning both Android 6 and 7.

Test

• Ensure testing on simplenote android works.

[notandyvee]

@danilo04 if you have bandwidth. Happiness is waiting for a fix to communicate to users.

[roundhill]

Changes LGTM and I confirmed this fixed the issue on Android 6 and 7 devices running Simplenote.