B4J Question [SOLVED] Webview: Load URL from Server with self signed certificate

Discussion in 'B4J Questions' started by inakigarm, Oct 22, 2018.

  1. inakigarm

    inakigarm Well-Known Member Licensed User

    Hi:

    I've search the forum and found and coded the solution in this post:
    https://www.b4x.com/android/forum/threads/webview-certificate-lets-encrypt.64832/#post-410628

    This works fine if the SSL certificate is a valid SSL certificate but if it's self signed, there's an error on the certificate handshaking.

    I've googled for the solution and it seems that solution require to configure local keystore:
    http://www.smartjava.org/content/how-analyze-java-ssl-errors
    https://www.codebyamir.com/blog/java-developers-guide-to-ssl-certificates
    but for my needs, that's not possible (the webview is part an app and it's not possible to access-configure the local keystore of the user computer) and I've not found other solution.

    Is there any inline code that allows to load an URL from a Server configured with an SSL self signed certificate ?

    Thanks

    (Attached the B4J code/see the differents logs if the Page comes from a Server with a valid SSL certificate or self signed
     

    Attached Files:

  2. Erel

    Erel Administrator Staff Member Licensed User

  3. inakigarm

    inakigarm Well-Known Member Licensed User

    Ok. Was tricky (because there was some self-signed certificates around that works and some others not) but found the issue with the help of https://badssl.com and other info.

    Desktop browsers accept (or ask for) Self signed certificates when the CN Certificate field (server hostname) is not set (or set incorrectly: check https://www.pcwebshop.co.uk, works on Desktop browsers but not in Java Webview)

    JavaFX Webview doesn't accept bad self-signed certificates (almost with an incorrect CN -->checked only with an incorrect CN)

    So, I've had to change my self-signed certificate to a one with a correct CN and now works (the B4J code remains unchanged)
    Maybe is possible to instruct Java Webview to not test SSL CN validity by some inline java code but I mark this as Solved as changing to a correct self-signed certificate works for my purposes.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice