HTTP with client certificate authentication


#1

Hello,
Did anyone already implement a HTTP request with certificate based authentication?
When I open the URL of my backend service with Chrome browser on my mobile phone, it is asking for client certificate, which is fine. When I open the URL in my Ionic 2 app, there is just “ERROR EMPTY RESPONSE”. Does anyone know how to handle this? Thanks :slight_smile:


No conecta al api rest
#2

Hi if you are using ionic-native http plugin:

this.http.validateDomainName(false)      
this.http.acceptAllCerts(true)

and set right the white list in config.xml and Content-Security-Policy in index.html

or If you are using http angular2

use this plugin
https://github.com/hypery2k/cordova-certificate-plugin

manually you can set info.list and set “NSAppTransportSecurity” key


#3

Hello dredondo,

I don’t think you understood correctly. I am talking about client-certificate authentication to a web application, not SSL topic. The user has to authenticate himself via a authentication certificate (digital signature).


#4

Have you ever figured out a way to fix this? I’m facing the same problem right now. I do have the user certificate installed on my test device and I can access my webservice on my Desktop PC by installing said certificate in chrome/firefox. Is there perhaps a similar option in ionic as “Automatically Select Certificate” found in Firefox? At the moment I just get Connection Refused.


#5

Hello eskir,

Unfortunately not. I tried it with a plugin but it was not working :frowning:


#6

I’m currently playing around with the “cordova-client-cert-authentication” and “cordova-plugin-client-certificate” plugins. Especially the first one claims it’ll make it work just like the certificate selection on chrome, it doesn’t seem like it’s working quite yet (besides the fact that now --livereload results in my app closing because it can’t connect to the local ionic server) but I’ll post again if I get any results.


#7

Alright, not sure if this will help but I got it working:

I’ve installed both mentioned plugins and when I connect to my webservice, I now get a OS-level query on which client certificate to use. It’s weird though, I can no longer use my proxy configured in ionic.config.json (I configured this to avoid CORS errors on connecting to my webservice when I was testing in Chrome using IonicLab) - deployed on an android device, it just seems to work now which is really weird.

Edit:
Yeah, running on ionic serve --lab now no longer works because firefox and chrome are blocking CORS requests. The android WebView doesn’t seem to have any problems with this though. Strange.