Thursday, 29 November 2018

How to bypass certificate verification in HTTPs based APIs using ionic 3 application (iOS and Android)?

We are developing ionic framework based application. While calling HTTP based APIs it is working correctly, but while accessing HTTPs based APIs it fails.

Here are the details: - APIs are running on Java Apache server validating certificate for certain domain addresses - There was an error with the request: Or else it ends up into error block (Angular / ionic httpclient) with : err.Status: "0 error"

Trials: We are able to access the same HTTPS certificate enabled APIs in below two ways (But only on local machine browser, not on device builds)

  • If running chrome with --disable-web-security mode (Change in CORS plugin)
  • If assigning ipaddress to .companyname.com domain in hosts file. Then it got verified with certificate and able to run the app.

As this two approaches can be done over desktop machine, and not sure how can we use such bypass mechanism on mobile app side.

Even if it asks the user for permission to bypass certificate then also it should be ok to us. But it should get connected to APIs and fetch data.

How to overcome this error over mobile applications build using ionic framework?



from How to bypass certificate verification in HTTPs based APIs using ionic 3 application (iOS and Android)?

No comments:

Post a Comment