Invalid SSL certificate with cordova-plugin-crosswalk-webview


#1

For our app I have to use the crosswalk webview, latest version 2.3.0. The problem is we have to use a SSL connection for https and wss calls, but there is not a trusted certificate.

On every request we make over https we get a TOAST message (which in my opinion does not came from IONIC but from cordova plugin) “Request was denied for security.”

We have a not trusted SSL certificate and I think this should be the problem! But I’m not able to resolve the problem, I tried many thinks like this

http://ivancevich.me/articles/ignoring-invalid-ssl-certificates-on-cordova-android-ios/

This is a very urgent problem, perhaps someone from the ionic team can help me? @brandyshea @mhartington


#2

The toast is actually from Android it self, so it’s happening at the browser level. To be fair, the best/correct way to resolve this would be to get a trusted ssl certificated.

Both Android and iOS have been cracking down on accessing non-secure resources.


#3

@mhartington okay thx you very much. Tomorrow I will install a valid certificate!! thx you so much for your help as always!


#4

For anybody else in this situation, I recommend Let’s Encrypt.


#5

Yes we also use Let’s encrypt :slight_smile: the only problem was to install this to the hardware I need support of our hardware team which will take several days :slight_smile:

thx to everyone


#6

So the SSL certificate from this place is free?
If I use it in my web app Chrome will not say it is an untrusted certificate?


#7

Yes and yes and padding.


#8

Another good one is cloudflare.com, they’re who I use and I never have any downtime, slow connections, certificate issues or anything. Gets the job best to it’s abilities in my opinion.


#9

We can not use LET’s encrypt on a LOCAL hardware. We have a gateway and have a ionic software which is configuring the gateway. So this is an embedded solution and not a WEB solution.

So all this is not a solution for us, but we found a workaround on the problem. If we have a solution for it we would like to share it here!


#10

You can use probably Android’s Network Security Configuration to support self signed certificates,

https://developer.android.com/training/articles/security-config.html, at the moment none of us was able to get it work.

I would like to open later a new post to discuss this and close this thread.