In my app i need to make https request to server with self-signed certificate. Problem is, when i build app with --release parameter, it just dont work, because the certificate is self-signed and so considered as invalid. Is there any way to bypass this? Iam getting really desperate 
2 Likes
Found this article, did you already saw it? could that help?
http://ivancevich.me/articles/ignoring-invalid-ssl-certificates-on-cordova-android-ios/
3 Likes
Also found this plugin, did you tried it?
Other idea, if possible, why not using a not self signed certificate?
Like Let’s Encrypt, these certificates are free. You just have to renew them every three months (I think) but you could automate this task.
The problem is that its clients server, co i have no control over certificate, i have only installed api… Ill try that certificate plugin, but how do i use plugin that is not in ionic native, like this one?
What a bummer that you can’t control the server 
I didn’t used personally this plugin, so the following just gonna be best guess ok?
According the README you would have to activate the plugin by calling
cordova.plugins.certificates.trustUnsecureCerts(true)
To do so you could, I guess, just declare cordova before your class, like
declare var cordova:any;
@Component({...})
export class ...
this will tells the build process that cordova has any types and therefore won’t throw a compilation error.
Note: it looks like this plugin doesn’t work for iOS/WkWebView (https://github.com/hypery2k/cordova-certificate-plugin/issues/18) therefor if you finally really goes with this solution, I would ensure to only use it on Android
But like I said, these are only spontaneous guess
1 Like
and so i activate this i just write cordova.plugins.certificates.trustUnsecureCerts(true) somewhere in my app and it will work for all requests?
Well according the README it sounds like this but like I said I never tried this plugin so for me it’s only a guess
Tried it, doesnt seems to be working, but anyway thx form help. Anyone has some experience with this plugin?
1 Like
i tried http://ivancevich.me/articles/ignoring-invalid-ssl-certificates-on-cordova-android-ios/1
and it works 
Thx a lot As a temporary solution it is ok, but i dont know if it isnt a security issue in production.
So cool! Glad to hear you find a solution, congrats!
Of course for a production solution it would maybe be better to use a not self signed certificate for the server, maybe the guys who handle the servers gonna improve that…
1 Like
Yea i will talk with their IT tommorow, so we will see Now its up to them. But anyway thx a lot for your help and time
1 Like
Finger crossed, good luck
Has anyone figured out the self-signed cert in Ionic 4?
I’m using Angular HttpClient to call my web services and it’s not working. Would love to see a solution if any can help.
thx 
works in ionic 4 too. In cordova 7+ /SystemWebViewClient.java instead of /CordovaWebViewClient.java
had the same problem
try this in \app\platforms\android\CordovaLib\src\org\apache\cordova\engine\SystemWebViewClient.java
ca row 228
use handler.proceed(); instead of super.onReceivedSslError(view, handler, error);
ApplicationInfo appInfo;
try {
appInfo = pm.getApplicationInfo(packageName, PackageManager.GET_META_DATA);
if ((appInfo.flags & ApplicationInfo.FLAG_DEBUGGABLE) != 0) {
// debug = true
handler.proceed();
return;
} else {
// debug = false
//super.onReceivedSslError(view, handler, error);
handler.proceed();
}
} catch (NameNotFoundException e) {
// When it doubt, lock it out!
super.onReceivedSslError(view, handler, error);
}
worked for me with ionic 4 anc cordova andrid @7.1.4
Hey guys, sorry to reopen: I’ve tried the cordova-certificate-plugin trustUnsecureCerts() but I’m not able to use that in production: actually accessing cordova breaks the application, in fact the trustUnsecureCerts is undefined… Somebody has been experiencing this?
I have one more question, is there a way to make this workaround work in app with capacitor? Or any other way to make selfsigned cretificates work in capacitor based apps?
1 Like
Hi, I have the same problem with capacitor on ios, did you find any solution?
1 Like
iam sorry, but i have no experience with this on ios. I wasnt able to solve it even on android with capacitor. Looks like http native and certificate pinning is the only way, but i havent tried it yet.