I devloped an android app on 2.2. I used the Soap webservices in my app through https.
I used ssl certification to access those services. It works fine in version 2.2, but now my client want it on 2.1. So I changed the version and min sdk levels but when I run the app in 2.1 it gives me SSl socket exception. Now in my root folder of project it is showing 2.1 version. Could any one help me out?
There is a change in android OS 2.1 to 2.2 that has to do with SSL certificates. But cannot find the url right now.
In order to avoid that you could catch the exception and on SSLException you could reconnect the server with a non-secure connection. Keeping a sharedpreference in case of exception for future use of non-secure connections will avoid double connections all the time.
It not so elegant or secure way but it works for me.
Related
I develop cordova cross platform app using HTML5 & Javascript. But recently I encountered some problems with android.
Previously I was using Cordova 7 where android version was 6.3
Which supports android API 16 to 26. But as per new google rule, from August 2019, All app must be targeted Android API 28 which is Android 8 & Android 9.
Cordova's latest version is Cordova 9 which supports Android 8. Cordova did not release any version which supports Android 9.
So to develop App targeting API 28, I've to use Android 8. But I'm facing some problems with the app. Previously my app was working fine. When I develop app with Android 8 with Cordova 9, it is working fine with all phones which are Android 8 and below but showing error in Android 9. Specially with AJAX requests.
I'm sending AJAX requests to a server with http (not https). In some blog I see it might cause error. But I don't see any way to fix and currently I've no option to use https.
Another way is to set <preference name="android-targetSdkVersion" value="26" /> which works fine in all android version (6~9) but when I upload with this config in Google Play store, it shows warning to update to target API to 28.
So for now what should I do?
Thanks in advance.
N.B:
I found a way to use http but did not understand it at all. If anyone can explain I'll be glad. Link given below:
https://developer.android.com/training/articles/security-config
Ajax error in Cordova App after upgrade phone to Android 9 Pie API 28 Revision 6
All you have to do is include on AndroidManifest.xml the following key-pair-value on the application tag:
android:usesCleartextTraffic="true"
On API 28 this attribute is set false for default(for security reasons), in previous Android API it was true.
After a long searching I found out that "By Default", Android 9 do not allow to send request to http. It only allows to send requests to https urls. So all I had to do is to upgrade my server from http to https. No worry, its not that hard. If you use plesk for your server management, its like 2 clicks to install "Lets Encrypt" SSL certificate for FREE forever with auto renewal. It also shows Greenbar in Mozilla Firefox too. However if you use other than Plesk, then go to Lets Encrypt website and generate one and install it to your server. Thats all.
You still can make requests to http urls in Android 9 but still its a bit too complex for me to understand so I say pass. Also upgrading from http to https is giving me more security :)
The responses provided by Razin Abid and Stefano Boeri are both excelent answers, but for someone looking how to enable not secure http coonections in Android 9, plese check this answer: How to allow all Network connection types HTTP and HTTPS in Android (9) Pie?.
Please note that if you are working with Cordova, it is not a good idea to modify the AndroidManifest.xml (Android platform) file directly, but edit config.xml (project configuration file) instead.
You will have 2 tools to achieve it: config-file and edit-config, described with details in the Cordova Docs.
I migrated my server to another host company. All of my apps running android version < 6.0 are now failing to do HTTPS requests, but the problem doesn't apply to newer versions. Here is my error log.
Problem solved, it occured an error in the migration where the machine hosting my services already had a SSL certificate, that certificate wasn't trusted and was running in conflit with mine, causing errors in the older android versions.
I have an android app which makes peer-2-peer video and audio calls. It was using webrtc version 2.0, i was supposed to port it to version 2.1.1.
So i did replace the dependencies with the newer version. I had some errors but i fixed it - like some functions names changed and stuff like that - then the app is compiling and running good.
the issue here when i try to connect to intel server. The server receives the request along with name of the peer and authenticate it but never send the response no matter how long i wait. no failure or success message.
This worked for me after several tries
when using intel webrtc server version 2.0 you use this url format to connect "http://0.0.0.0:8095/webrtc" => "http://ip:port/webrtc"
but when using version 2.1.1 you should use this format "http://0.0.0.0:8095" => "http://ip:port"
simply remove the "/webrtc" part
I recently noticed that an application I'm building fails to load properly on Android 2.2 due to an SSL certificate warning:
But it works just fine on Android 2.3. I didn't try any other versions yet. Any ideas what might be going on?
My current hypothesis is that Android 2.2's browser do not load intermediate certificates, can anybody confirm or deny that?
I'm using the BouncyCastle provider and Apache HttpClient to trust an SSL certificate, as described by Antoine Hauck here.
The app I've made targets Android 1.5, and works fine on the emulator and a device running 3.0. However, when I try to test it on 2.2 (Galaxy S), an SSLException, "Not trusted Server Certificate", occurs.
Since there's no errors complaining about BouncyCastle itself, I'm assuming the device is not reading the certificates properly from the .bks file. Is what I'm attempting possible using BouncyCastle on Android version 2.2, or does something just need to be altered from the working 3.0 app?
Update
When I tried to run the app again today, it worked correctly the first time. I've tried it several times now, and it sometimes runs properly but sometimes still gets the SSLException. There doesn't seem to be any pattern to when this occurs - it might work a few times in a row and then fail repeatedly.
Could be the provider of the certificate is not trusted, try checking trusted providers