Self-signed certificate HTTPS doesn't work in release build


#1

In my app I need to make an HTTPS request to a server with a self-signed certificate. The problem is, when I build the app with the --release parameter, it just doesn't work, because the certificate is self-signed and so considered invalid. Is there any way to bypass this? I am getting really desperate :smiley:


#2

Found this article, did you already see it? Could that help?

http://ivancevich.me/articles/ignoring-invalid-ssl-certificates-on-cordova-android-ios/


#3

Also found this plugin, did you try it?


#4

Another idea: if possible, why not use a non-self-signed certificate?

Like Let’s Encrypt, these certificates are free. You just have to renew them every three months (I think) but you could automate this task.

https://letsencrypt.org


#5

The problem is that it's the client's server, so I have no control over the certificate, I have only installed the API… I'll try that certificate plugin, but how do I use a plugin that is not in Ionic Native, like this one?


#6

What a bummer that you can’t control the server :frowning:

I haven't personally used this plugin, so the following is just going to be a best guess, OK?

According to the README you would have to activate the plugin by calling

 cordova.plugins.certificates.trustUnsecureCerts(true)

To do so you could, I guess, just declare cordova before your class, like

declare var cordova:any;

@Component({...})
export class ...

This will tell the build process that cordova has the type any, and therefore it won't throw a compilation error.

Note: it looks like this plugin doesn't work for iOS/WkWebView (https://github.com/hypery2k/cordova-certificate-plugin/issues/18), therefore if you finally really go with this solution, I would make sure to only use it on Android.

But like I said, these are only spontaneous guesses.


#7

And so to activate this I just write cordova.plugins.certificates.trustUnsecureCerts(true) somewhere in my app and it will work for all requests?


#8

Well, according to the README it sounds like it, but like I said, I never tried this plugin, so for me it's only a guess.


#9

Tried it, doesn't seem to be working, but anyway thx for the help. Does anyone have some experience with this plugin?


#10

I tried http://ivancevich.me/articles/ignoring-invalid-ssl-certificates-on-cordova-android-ios/

and it works :slight_smile: Thx a lot :slight_smile: As a temporary solution it is OK, but I don't know if it isn't a security issue in production.
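
On the production question raised in the post above, an added example (not part of the thread, the linked article or the plugin): it contrasts accepting every certificate with accepting only the one self-signed certificate whose SHA-256 fingerprint was recorded in advance. The sample "certificates" are constructed placeholder bytes and all function names are hypothetical; the logic is shown in plain JavaScript for Node, independent of any Cordova plugin.

```javascript
// Added example: pin one known certificate instead of trusting every certificate.
const crypto = require("crypto");

// Decode a PEM certificate block to its raw DER bytes.
function pemToDer(pem) {
  const body = pem
    .replace(/-----BEGIN CERTIFICATE-----/, "")
    .replace(/-----END CERTIFICATE-----/, "")
    .replace(/\s+/g, "");
  return Buffer.from(body, "base64");
}

// SHA-256 fingerprint of the DER bytes, as lowercase hex.
function fingerprint(der) {
  return crypto.createHash("sha256").update(der).digest("hex");
}

// Trust-all policy: what an "ignore invalid certificates" switch amounts to.
function trustAll(_der) {
  return true;
}

// Pinning policy: accept only certificates whose fingerprint is in the pin set.
// Pins may be written as plain hex or colon-separated hex.
function makePinnedPolicy(pins) {
  const pinBufs = pins.map((p) => Buffer.from(p.replace(/:/g, "").toLowerCase(), "hex"));
  return function isTrusted(der) {
    const fp = crypto.createHash("sha256").update(der).digest();
    return pinBufs.some((pin) => pin.length === fp.length && crypto.timingSafeEqual(pin, fp));
  };
}

// Constructed sample data: placeholder bytes wrapped as PEM, not real certificates.
function fakePem(label) {
  const b64 = Buffer.from("constructed-cert:" + label).toString("base64");
  return `-----BEGIN CERTIFICATE-----\n${b64}\n-----END CERTIFICATE-----\n`;
}
const serverCert = pemToDer(fakePem("client-server")); // the certificate handed over by the server operator
const otherCert = pemToDer(fakePem("someone-else"));   // any other certificate seen on the connection

// The pin is recorded once, out of band, from the server operator's certificate.
const pinned = makePinnedPolicy([fingerprint(serverCert)]);

function demo() {
  return {
    trustAllAcceptsOther: trustAll(otherCert),
    pinnedAcceptsServer: pinned(serverCert),
    pinnedAcceptsOther: pinned(otherCert),
  };
}
console.log(demo());
```

With pinning, the app has to ship an updated pin whenever the server operator replaces the certificate.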


#11

So cool! Glad to hear you found a solution, congrats!

Of course, for a production solution it would maybe be better to use a non-self-signed certificate for the server, maybe the guys who handle the servers are going to improve that…


#12

Yeah, I will talk with their IT tomorrow, so we will see :slight_smile: Now it's up to them. But anyway thx a lot for your help and time


#13

Fingers crossed, good luck :slight_smile: