Caveat: What I write below is what I arrived at to make my app work without passing the onus onto users. My app is actually used extensively with self-signed SSL certs where each person using my app installs an open source home security server - so there is no way I can tell them to ‘go get a commercial and properly signed cert’ --> these are mostly IT administrators who lock their systems down with VPN tunnels , so my tips may be more risky for you if its a public server.
Hi, a few things:
- By enabling untrusted SSL certs, you are bypassing one of the key features of SSL - trust
- That being said, its better than your app not working
Note that its not necessary that you are using self-signed certs. If you read through the Xwalk issue thread I posted above, you’ll note they have issues with how certificates are generated even for paid certs (lets encrypt was an example). Unless you can influence your service provider to fix the cert, you don’t really have an option.
The core logic is you have to override onReceivedSSLError. They are however handled differently if you use Xwalk or System WebView in Android. And there is iOS as well.
I finally figured out two plugins that met my purpose, rather than maintaining hacked files on my own:
For X-Walk: https://github.com/danjarvis/cordova-plugin-crosswalk-certificate
For native: cordova plugin add https://github.com/hypery2k/cordova-certificate-plugin
My build script adds/removes them depending on which port it is building
Enabling it is one convenient line.