I have my Android App on production. Earlier we were using TLS 1.0 to connect the app to the server and it was working fine. Recently we upgraded the TLS to 1.2 and our app seems to stop connecting the server. My app min and max supported version are given below:
android:minSdkVersion="10" android:targetSdkVersion="21"
Everything is working fine for iOS app, I am only facing this issue in case of android. How do I make it work?
Edit:
I did little digging and found that the android device is not trusting the certificate: Following are the certificate info from the link which my app connects to:
Certificate info on iPhone Chrome Browser
Certificate info on Android Chrome Browser
I will update the logs as soon as I have access to those.
Related
After enabled https on back end nodejs server, the http request URL was changed from http to https in React Native 0.66 app. Now in Android emulator (API 27), the app does not send out any http request to back end server at all. android:usesCleartextTraffic="true" was added to AndroidManifest.xml but it didn't help (removing it has no impact either). It must be the issue about late android API which requires https in production. But I don't quite understand why https didn't work in Android emulator.
The development platform is macOS Big Sur for both IOS and Android which open their own emulators respectively. The IOS version of the app works fine after https was enabled. But android version of the app does not.
I'm able to import the certificate into Android via settings/security/trusted credentials without a problem and have tried this on Android 4.1, 4.4, and 6.x without success. SSL cert is generated with v3_req and v3_ca via openssl. We use the web app offline and neither the app manifest nor service workers will work without a "green lock". With Chrome moving to require SSL for app manifest soon (and deprecating it in favor of service workers), this is pretty important. The server is IIS 8 (also tried on IIS 7). I swear this worked in the past! Any help would be appreciated.
Works fine in Chrome on Windows and Linux (able to import cert and get the green lock instead of red). Firefox works fine on Android.
This is for an internal web server on a .local domain.
I am currently developing a cordova 4.3 android app in Visual Studio 2015 RC. It's an AngularJS app and I use $resource to send requests to an ASP.NET Web Api application running on a different port on the same computer. Debugging the app in Ripple works fine if I disable the Cross Domain Proxy but when I try to debug in the Visual Studio Android Emulator or on my Android device I get a not very helpful "Failed to load resource" as soon as try to reach the web api. The url looks correct and I suspect the problem has to do with either CORS or my HTTPS certificate or both? What I have tried so far is:
Set <uses-permission android:name="android.permission.INTERNET" /> and android:debuggable="true" in the manifest file.
Tried chrome://inspect/#devices to get more info about the problem but got the error message "Cannot load DevTools frontend from an untrusted origin".
I am able to connect my android phone chrome web browser to the localhost web api using the very helpful tool sharpproxy [https://www.codefromjames.com/wordpress/?p=97] but this approach unfortunately does not work with the app's webview.
The ajax request does work when I point the app to my azure hosted live web api endpoint where I have a valid https certificate but that is not very convenient to use while developing the app.
Made sure the config.xml-file contains <access origin="*" />
My web api is configured with app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll)
I am completely new to cordova/hybrid app development and am surely missing some obvious thing? Any help or suggestion would be very appreciated!!
After having all sort of problems with Visual Studio 2015 I uninstalled it went back to Visual Studio 2013 Update 4 and now I can connect my android device to a local running web api using sharp proxy I mentioned and linked to above.
So to be clear:
Use Visual Studio 2013 Update 4 to run your web api on for example the url https://localhost:44358/.
Start sharp proxy with external port 5000 and internal 44358.
Make sure your android device is connected to the same wifi and instruct your app to use https://your-ip-address:5000 for all service calls.
The phonegap app that was developed was able to login using SSL with other android devices. However, when I tested with and android 2.3.3 device, I was unable to log in. I have searched aroundand found out that 2.3.3 does not support SSL. Does any body have a work around for android 2.3.3 to support SSL? for this instance is sso saml 2.0
Thanks.
I recently noticed that an application I'm building fails to load properly on Android 2.2 due to an SSL certificate warning:
But it works just fine on Android 2.3. I didn't try any other versions yet. Any ideas what might be going on?
My current hypothesis is that Android 2.2's browser do not load intermediate certificates, can anybody confirm or deny that?