Self Sign Certificate Error after Ionic (Ionic Start)

Sujan12 · May 24, 2017, 9:46am

CORS is a browser thing, Ionic has no influence on this at all.

Sujan12 · May 24, 2017, 9:47am

Your work network is broken, not much we can do.

But you can create an issue here, to make the Ionic CLI developers aware of the change: https://github.com/driftyco/ionic-cli

derekstwong · May 25, 2017, 1:10am

Thanks for reply.
Gratefully found one temporary solution, but of course, TEMPORARY.

"if this is a self signed cert issue then you can temporarily set an environment variable NODE_TLS_REJECT_UNAUTHORIZED=0 then clear the variable when you are done"
REF: https://github.com/driftyco/ionic-cli/issues/2317

Many thanks for support

FrancoisIonic · May 27, 2017, 2:47am

Lol and this has nothing to do with CORS policy, sorry ;D

Jingzhou · June 2, 2017, 9:27am

@derekstwong
hello, I suppose I am suffering the same problem as you had. I am also using a self signed certificate on the https url. below is my log print out …

POST https://10.0.0.103:9443/oauth2/token net::ERR_INSECURE_RESPONSE
XHR failed loading: POST "https://10.0.0.103:9443/oauth2/token".
Error: XHR aborted: https://10.0.0.103:9443/oauth2/token
    at XMLHttpRequest.xhr.onerror.xhr.onabort (file:///android_asset/www/build/main.js:130849:21)
    at XMLHttpRequest.o [as __zone_symbol___onerror] (file:///android_asset/www/build/polyfills.js:2:24340)
    at t.invokeTask (file:///android_asset/www/build/polyfills.js:3:9655)
    at Object.onInvokeTask (file:///android_asset/www/build/main.js:4397:37)
    at t.invokeTask (file:///android_asset/www/build/polyfills.js:3:9576)
    at r.runTask (file:///android_asset/www/build/polyfills.js:3:4831)
    at XMLHttpRequest.invoke (file:///android_asset/www/build/polyfills.js:3:10633)

I am not sure about your environment, but I am debugging on an android mobile device via adb connection, and chrome devices inspect.
can you please enlighten me on code details

thanks

derekstwong · June 3, 2017, 1:08am

@Jingzhou
Hello, there are quite a lot issues about certificate, but I am not blaming the fault of this security setting.

From your case, it may be related to the algorithm for your latest chrome update.

Try reading the below link, hope it helps.

dalie · August 23, 2017, 6:30pm

Although this question already has an accepted answer I’d like to add an alternative. It basically comes down to adding the proxy property to your ionic.config.json file (located in the root of your project). This overcomes both the Self-Signed Certificate issue and (if applicable) CORS. Source: self-signed-certificates-proxies-and-ionic-2+

{
  ...
  "proxies": [
    {
      "path": "/",
      "proxyUrl": "<url-to-your-domain> e.g. https://api.ionicrun:8443/",
      "rejectUnauthorized": false
    }
  ]
}

AndrWeisR · December 13, 2017, 4:37am

Worked for me, when trying to connect to my ionic account from “ionic io init” on a company network.
“npm config set ssl-strict=false” etc didn’t work for me.

Tommertom · December 23, 2020, 3:57pm

Hi,

warped in 2020, this did the trick for me (company environment with recently zscaler active)

set NODE_TLS_REJECT_UNAUTHORIZED=0

and

npm config set strict-ssl false

And luckily node issues warnings to remind me to undo immediately after completing ionic start

Because it isnt very secure

Regards
Tom