How to trust a self-signed certificate

hlamprecht · February 4, 2020, 6:51pm

Dear,

we have a setup, where our app is required to connect to a remove REST-API on a server, which uses a self-signed certificate. As this is all within a closed, secured network, this is no issue security-wise. However, the app refuses to connect to the server.

We tried to import the root-certificate on the iPad, which works perfectly in Safari-Browser. But the app still refuses to connect, telling that the certificate is invalid.

Any hints or ideas how we can solve the issue are highly appreciated

Thanks, Heiner

rapropos · February 4, 2020, 8:05pm

LetsEncrypt provides free certs. I would just use one of those.

hlamprecht · February 8, 2020, 8:07pm

No option. The system is provided by our customer who will not provide “real” certificates. Anyhow, after fixing the server configuration, everything works fine. I’m just still confused why the browser behaves differently from the compiled app.

rapropos · February 9, 2020, 1:42am

Because mobile OS makers are proactively attempting to drag people like your customer into the 21st century by mandating proper security.