Android webview get sslError SSL_UNTRUSTED but certificate is valid

前端 未结 2 1409
自闭症患者
自闭症患者 2021-02-08 21:48

I\'ve implemented onReceivedSslError method in my WebViewClient to properly handle invalid https certificate in webview:

@Override
        public voi         


        
相关标签:
2条回答
  • 2021-02-08 22:43

    For me this was an issue with the server I was trying to reach. It had a broken intermediate certificate chain. It was the redirect server that had a broken chain. When there is a broken chain the webview has no way to resolve because it does not know where to look for the correct cert.

    Use this tool to check for common misconfigurations. Be sure to check any redirects as well.

    Android does not support Authority Information Access

    And therefore there is no AIA Fetching

    But?!.. it works in browsers Yes, It works in browsers because all browsers carry around a list of intermediates to fall back on when the cert has a broken chain.

    Solution: Fix certificate chain on server.

    0 讨论(0)
  • 2021-02-08 22:48

    Even for me it was giving SSL_UNTRUSTED when the cert was throwing invalid CN(SSL_IDMISMATCH) on android chrome. Added network-security-config and all seemed to work fine. For me I installed a user-ca which wasnt being picked up by webview.

    Added this snippet of code, which allowed me to use user-ca installed in user credentials.

    <network-security-config>  
      <base-config>  
            <trust-anchors>  
                <!-- Trust preinstalled CAs -->  
                <certificates src="system" />  
                <!-- Additionally trust user added CAs -->  
                <certificates src="user" />  
           </trust-anchors>  
      </base-config>  
    

    0 讨论(0)
提交回复
热议问题