Http requests fails only while releasing Android build APK


#1

I’m struggling in making my app work on Android APK release, the only scenario it fails is at generating and signing the apk. All http requests doesn’t work. (The server is running under SSL)

All Scenarios I’ve tried already:

  • ionic serve -> Works fine.
  • ionic cordova run android --device -> Works fine.
  • Works on emulators as well.

Also works fine generating the iOS build:

  • ionic cordova build ios.
  • ionic cordova run ios --device.
  • On Xcode, running build targeting a real device.
  • On Xcode, archiving and uploading it to Itunesconnect then downloading it from AppStore once it’s accepted by Apple.

So, the only case it doesn’t work is when I try to generate it’s apk through ionic cordova build android --prod --release and signing it.

Google Play also accepts the new APK, so there’s no problem with the package sign at all.

Since it works on iOS and running directly on android device, it isn’t a CORS or HTTPS certificate problem.

The code:

snippet of login.ts:

this.userService.loginUser(this.user).then(
            (data) => {
                let response = data.json();
                loading.dismiss().then(loadData => {
                    if (response.access_token) {
                        this.global.access_token = response.access_token;
                        this.getUserData();
                    }
                });
            }, err => {
                let error = err.json();
                loading.dismiss().then(response => {
                    if (error.message) {
                        this.showToast(error.message, 3000, 'bottom');
                    }
                });
            }
        );

userService.loginUser method:

loginUser(data) {
    let headers = new Headers();
    headers.append('Access-Control-Allow-Origin', '*');
    headers.append('auth-token', '*');

    return this.abs.post('/authenticateMobile',
        {
            login_ds_email: data.email,
            login_ds_password: data.pass
        }, headers);
}

Where abs is:

constructor(http) {
    this.abs = new ApiService(http);
}

ApiService.post method:

public post(api, params, header): any {
    if (!header) {
        header = this.getHeaders();
    }
    let options = new RequestOptions({headers: header});
    let url = this.global.urlGlobal + api;
    return this.http.post(url, params, options).toPromise();
}

The App gets stuck when I fire “login” button and the request is made. There’s no exception thrown by the server, so the loading screen is shown forever.

I’ve running out of solutions for this and I hope you guys can help me out.

Ionic info:

global packages:

@ionic/cli-utils : 1.4.0
Cordova CLI      : 6.4.0
Gulp CLI         : CLI version 3.9.1 Local version 3.9.1
Ionic CLI        : 3.4.0

local packages:

@ionic/app-scripts              : 1.3.0
@ionic/cli-plugin-cordova       : 1.4.0
@ionic/cli-plugin-gulp          : 1.0.1
@ionic/cli-plugin-ionic-angular : 1.3.1
Cordova Platforms               : android 6.0.0 ios 4.3.1
Ionic Framework                 : ionic-angular 3.0.1

System:

Node       : v7.8.0
OS         : macOS Sierra
Xcode      : Xcode 8.3.3 Build version 8E3004b
ios-deploy : 1.9.0
ios-sim    : 5.0.6
npm        : 5.0.3

#2

Is it --prod or --release that breaks your app? These are two different things that can be used independently.

Try ionic cordova build android --prod and see if this still works. You can then remote debug on the device to see what is going wrong: https://ionic.zone/debug/remote-debug-your-app#android Look at the console and network tabs for errors.


#3

Hey @Sujan12, thank you for the reply on this.

Actually I always ran the build with only --release option, digging around for a solution I found --prod that only compress the code to run faster, no help from that tho.

I can see the requests generating the debug-mode apk through ionic cordova build android, the problem is that the app works on debug mode, it only doesn’t work if I sign the --release apk, and I can’t debug it on chrome inspect.

It’s driving me nuts, maybe it’s a issue with the requested server’s SLL certificate? If so, why it does work on iOS production app? maybe the way I’m signing the APK is preventing me from requesting SSL servers?


#4

Don’t know if this is your issue or not (haven’t read the post in detail) but I have run into a similar issue with Android release builds, and it was indeed an issue with the SSL certificate when making https requests. Even if the https URL works in some browsers, if the intermediate certificates are not set up correctly then it would cause the request to fail on Android in release mode. Run the URL you are hitting through an SSL checker to see if there are any issues and fix those: https://www.ssllabs.com/ssltest/


#5

Yeah, Indeed a Certificate problem, deep in my mind I always knew about that, just didn’t make more tests to figure it out. thank you for the reply!

In my question at stackoverflow, someone post a workaround that makes cordova ignore failed SSL verifications works for test purpose.


#6

Hey, I think I’m facing the same issue, click on connexion button show me an infinite loader. However the ssl analysis don’t show anything bad … Could you explain what was your mistake and what I should correct ?
Here the analysis https://www.ssllabs.com/ssltest/analyze.html?d=api.louisparet.fr

Thanks


#7

did you found a solution?


#8

It solved my problem, thanks Josh.


#9

I am having similar issue in ionic project. Found ssl certificate issue accrding to you.

Not recommended solution.
update file placed in below path according to snippet.
“project/platforms/android/CordovaLib/src/org/apache/cordova/engine/SystemWebViewClient.java”

public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
final String packageName = this.cordova.getActivity().getPackageName();
final PackageManager pm = this.cordova.getActivity().getPackageManager();
ApplicationInfo appInfo;
try {
appInfo = pm.getApplicationInfo(packageName, PackageManager.GET_META_DATA);
if ((appInfo.flags & ApplicationInfo.FLAG_DEBUGGABLE) != 0) {
// debug = true
handler.proceed();
return;
} else {
// debug = false
// THIS IS WHAT YOU NEED TO CHANGE:
// 1. COMMENT THIS LINE
// super.onReceivedSslError(view, handler, error);
// 2. ADD THESE TWO LINES
// ---->
handler.proceed();
return;
// <----
}
} catch (NameNotFoundException e) {
// When it doubt, lock it out!
super.onReceivedSslError(view, handler, error);
}
}


#10

Hi, I have same problem. I know this cause if I change java file my app works, however I check my ssl on website you said And I see all right (or maybe I’m in a mistake).
I’d like ask for two things :slight_smile:

  • the domain where I make request is https://workreports.goltratec.com . Could you check with sslchecker if you see all right.
  • and second is… can I print someway the error that receive java function to know more about the problem?

Thanks :pray:


#11

I also have the same issue where request does not work below Android 5. Did anyone find a solution for the issue ?? And also I did an SSL check which looks fine.


#12

I’ve found a solution, in my case the problem was an intermediate certificate configuration error. You can read about that on this article https://www.digicert.com/util/repair-intermediate-ssl-certificate-errors-using-digicert-utility-for-microsoft-servers.htm and this https://medium.com/@itzfitz/how-to-fix-comodo-certificate-not-trusted-on-android-devices-afa405a35310


#13

Hello.
This solves your problem.

Before your petition.

this.http.setSSLCertMode(‘nocheck’).then((resp: any) => {
console.log(resp);
}, (error) => {
console.log(error);
});


#14

This was my issue, too. I didn’t follow the steps and just installed my cert straight away. Once I cat’d the certs and restarted NGINX no more errors.