Invalid SSL certificate with cordova-plugin-crosswalk-webview

For our app I have to use the crosswalk webview, latest version 2.3.0. The problem is we have to use a SSL connection for https and wss calls, but there is not a trusted certificate.

On every request we make over https we get a TOAST message (which in my opinion does not came from IONIC but from cordova plugin) “Request was denied for security.”

image

We have a not trusted SSL certificate and I think this should be the problem! But I’m not able to resolve the problem, I tried many thinks like this

http://ivancevich.me/articles/ignoring-invalid-ssl-certificates-on-cordova-android-ios/

This is a very urgent problem, perhaps someone from the ionic team can help me? @brandyshea @mhartington

The toast is actually from Android it self, so it’s happening at the browser level. To be fair, the best/correct way to resolve this would be to get a trusted ssl certificated.

Both Android and iOS have been cracking down on accessing non-secure resources.

@mhartington okay thx you very much. Tomorrow I will install a valid certificate!! thx you so much for your help as always!

For anybody else in this situation, I recommend Let’s Encrypt.

Yes we also use Let’s encrypt :slight_smile: the only problem was to install this to the hardware I need support of our hardware team which will take several days :slight_smile:

thx to everyone

So the SSL certificate from this place is free?
If I use it in my web app Chrome will not say it is an untrusted certificate?

Yes and yes and padding.

1 Like

Another good one is cloudflare.com, they’re who I use and I never have any downtime, slow connections, certificate issues or anything. Gets the job best to it’s abilities in my opinion.

We can not use LET’s encrypt on a LOCAL hardware. We have a gateway and have a ionic software which is configuring the gateway. So this is an embedded solution and not a WEB solution.

So all this is not a solution for us, but we found a workaround on the problem. If we have a solution for it we would like to share it here!

You can use probably Android’s Network Security Configuration to support self signed certificates,

https://developer.android.com/training/articles/security-config.html, at the moment none of us was able to get it work.

I would like to open later a new post to discuss this and close this thread.

Hello I’m new here. I’ve a ssl certification error while lunching my app(capacitor).
I tried everything I found here( Android’s Network Security ) but till now it didn’t work.
here is the error:
I/X509Util: Failed to validate the certificate chain, error: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
E/chromium: [ERROR:ssl_client_socket_impl.cc(941)] handshake failed; returned -1, SSL error code 1, net_error -202.
I got the error after public key generated. need help please.

1 Like

How did you solve this problem? I have the same issue here.

hello to try this. In your Bridge.java Add the sslReceidError méthode to the webview client.

03:46
You will find the Bridge.java class in capacitor-android/java/util. Add the onReceivedSslError method. Like this: public void onReceivedSslError(Webview view,SslErrorHandler handler, SslError error){ handler.proceed(); }

You’ll add this method in webview.setWebViewClient(new WebviewClie

I tried this:

  1. Get the certificates from the server (your_certificate.pem) and generate .crt file.
  2. Put your_certificate.crt file in /your-app/android/app/src/main/res/raw/
  3. Add the file network_security_config.xml in /your-app/android/app/src/main/res/xml/

File network_security_config.xml:

<network-security-config>
    <base-config cleartextTrafficPermitted="false">
        <trust-anchors>
            <certificates src="@raw/your_certificate"/>
            <certificates src="system"/>
        </trust-anchors>
    </base-config>
    <debug-overrides>
        <trust-anchors cleartextTrafficPermitted="false">
            <certificates src="@raw/your_certificate"/>
            <certificates src="system"/>
        </trust-anchors>
    </debug-overrides>
</network-security-config>

I have this structure because i use ionic 3 + Capacitor.