问题
I'm developing a progressive webapp and, in order to make sure it's working on mobile device (and particularly on Chrome for Android as it's 90% of users), I'm trying to test service worker on an Android device.
Unfortunaltely, on Chrome for Android, I'm unable to register the service worker :
An SSL certificate error occurred when fetching the script.
Failed to load resource: net::ERR_CERT_AUTHORITY_INVALID
I know service worker needs to be served over HTTPS so I have a self-signed certificate for my webapp. It is not trusted by browsers but it is still possible to proceed anyway. When using Firefox for Android, no problem I can sign to push notifications and register the service worker but with Chrome it's not working.
On Chrome for desktop, it's possible to enable service worker over non-secure origin with dev tools. I hoped to find the equivalent flag that I could use on mobile but none exists.
Is there a way to authorize service worker on Chrome Android for debug purpose?
I found an old question with no helpful answer there about the same issue and decided to open this one up for visibilty.
回答1:
From the other StackOverflow post you're referring to, I can see the solution is in the question.
You need to add a Certificate Authority crt to your Android trust list.
Why specifically a Certificate Authority .crt ?
Simply because Android only accepts CA certificates.
How do I get a CA certificate?
Normally, a Certificate Authority (CA) acts as a trusted third party. For debug purpose, you can act as a CA to issue self-signed certificate yourself.
Create a root key:
openssl genrsa -des3 -out rootCA.key 4096
(warning : anyone holding this can sign certificates on your behalf !)Create and self sign the Root Certificate:
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.crt
Remember that your webapp's SSL certificate needs to be generated with that same self-created CA.
Install certificate on Android device
Once you got your .crt file, copy it inside your device. Then go to Settings > Security > Install from storage. It should detect the certificate and let you add it.
To make sure it's installed correctly, go to Trusted Credentials > User.
回答2:
I solved this problem by portforwarding. You can find further info in my original answer here: https://stackoverflow.com/a/56146180/5048121
来源:https://stackoverflow.com/questions/50911518/debug-service-worker-with-chrome-on-android-mobile